nostr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill instructs clients to fetch and subscribe to open public Nostr relays and HTTP endpoints (e.g., WebSocket relays like wss://relay.damus.io, NIP-11 relay info via HTTP, and NIP-05 /.well-known/nostr.json) and to query/process events and user-generated content from those relays, meaning the agent will read and interpret untrusted third-party content.