Catallax
Review
Audited by ClawScan on May 10, 2026.
Overview
This instruction-only Catallax skill is coherent, but using it can publish signed contract-work events to public Nostr relays with your Nostr private key.
This skill appears purpose-aligned and instruction-only. Before using it, understand that it may sign and publish Catallax/Nostr events to public relays. Use a dedicated Nostr key if possible, install `nak` only from a trusted source, review every event before publishing, and do not include private task details, confidential work evidence, or sensitive payment information in public relay posts.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1: If you provide your main Nostr private key, the agent/tool can create public signed events under that identity.
The skill instructs the agent to sign Nostr events using a Nostr secret key placeholder. This is expected for publishing Nostr events, but it gives whoever runs the command authority to post as that Nostr identity.
Evidence: --sec "<nsec>"
Recommendation: Use a dedicated or limited-purpose Nostr key when possible, avoid exposing your main private key, and review all signed event content before publishing.
Finding 2: Task proposals, work deliveries, and status/conclusion events may become publicly visible and hard to retract once distributed to relays.
The skill documents direct CLI publishing of Catallax task events to multiple public Nostr relays. This matches the skill purpose, but these are public account actions tied to contract-work workflows.
Evidence: nak event -k 33401 ... wss://relay.damus.io wss://nos.lol wss://relay.primal.net
Recommendation: Require explicit user confirmation before publishing, verify the event kind/tags/content, and avoid including private work details or sensitive evidence links in public events.
Finding 3: Installing or using an untrusted `nak` binary could put your Nostr key or system at risk.
The skill depends on an external `nak` command, but the provided artifacts include no install spec, pinned source, or required-binary declaration. This is not suspicious by itself, but users must source the tool safely.
Evidence: Use `nak` to query kind 33401 events from relays
Recommendation: Install `nak` only from a trusted upstream source, verify the binary where possible, and avoid entering private keys into unknown tools.
