Nostr Wallet Connect (NWC) bridge for mdk-agent-wallet, a self-custodial Bitcoin Lightning wallet for AI agents.

Pass. Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill `agent-wallet-nwc-bridge` is classified as suspicious due to a potential shell injection vulnerability in `index.js`. The `runAgentWallet` function executes `npx @moneydevkit/agent-wallet` with arguments derived from user-controlled NWC request parameters. Specifically, the `description` parameter in `make_invoice` requests is passed directly to `spawnSync` without apparent sanitization, which could allow an attacker to inject and execute arbitrary shell commands. While the `agent-wallet-nwc-bridge.service` file includes hardening measures like `ProtectHome=read-only` and `ReadWritePaths` to limit write access, the underlying RCE risk remains. There is no evidence of intentional malicious behavior, data exfiltration, or prompt injection against the AI agent.