Archon Nostr
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: archon-nostr
Version: 0.1.0

The skill is classified as suspicious primarily because `SKILL.md` installs the `nak` CLI with `curl -sSL ... | sh`, which executes whatever the remote server returns, with no integrity check, and so introduces a significant supply-chain risk. In addition, `scripts/derive-nostr.sh` handles highly sensitive material (the `ARCHON_PASSPHRASE` and the wallet mnemonic), embeds the mnemonic directly in an inline Node.js script for key derivation, and instructs the agent to save the derived private key (`nsec`) locally. The stated purpose of deriving Nostr keys is clear, but the way it is done relies on high-risk operations and insecure practices.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: Anyone who obtains the mnemonic or the nsec can impersonate or fully control the associated identity. The nsec can also leak through terminal scrollback, shell history, log files, or chat transcripts if it is copied carelessly.
Description: The script retrieves the full Archon wallet mnemonic and prints the derived Nostr secret key to stdout. That is sensitive identity material and far broader authority than a public DID lookup. If the inline derivation script is passed on the command line (for example via `node -e`), the mnemonic is additionally visible to other local users in the process list for as long as the derivation runs.
Evidence: `MNEMONIC=$(npx @didcid/keymaster show-mnemonic 2>/dev/null) ... console.log('nsec:', nsec);`
Recommendation: Run only in a trusted local environment, never paste the nsec into chats or logs, write it to a file with restrictive permissions rather than printing it, and make sure the skill metadata clearly declares the passphrase, mnemonic, and private-key handling.
Impact: A compromised package version, a compromised transitive dependency, or a tampered `/tmp` dependency directory (pre-created or modified by another local user) can run code in the same process environment that handles the wallet-derived secrets.
Description: The script installs unpinned npm packages at runtime into a predictable path under the shared, world-writable `/tmp` and then loads them in the key-derivation flow. Because versions are resolved at run time, each invocation may pull a different, unreviewed release; because the path is predictable and shared, a local user who creates the directory first controls what `node_modules` it contains when the script runs. Both are avoidable supply-chain and local-tampering risks around wallet secrets.
Evidence: `DEPS_DIR="/tmp/archon-nostr-deps" ... npm install --silent bip39 @scure/bip32 secp256k1 bech32`
Recommendation: Pin dependency versions with a committed lockfile (or vendor reviewed code), install into a user-private directory with mode 0700, and disclose the runtime dependency installation in the install spec.
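The following is an added example, not code from the archon-nostr skill or from ClawScan. It shows hardened replacements for the three patterns flagged on this page: the unverified `curl ... | sh` install in `SKILL.md`, the unpinned install into a predictable `/tmp` directory, and the mnemonic/nsec handling. The install URL and digest, the `$HOME`-based directory, the version pins, the `derive.js` script name and the use of `NODE_PATH` are all assumptions for illustration; the derivation script itself is not shown.

```sh
#!/bin/sh
# Added example (not the archon-nostr skill's own code). All paths, URLs,
# version pins and digest values below are placeholders / assumptions.
set -eu

# Portable SHA-256 of a file (sha256sum on GNU, shasum on macOS, openssl fallback).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  elif command -v shasum >/dev/null 2>&1; then
    shasum -a 256 "$1" | cut -d' ' -f1
  else
    openssl dgst -sha256 "$1" | sed 's/.*= //'
  fi
}

# Compare a downloaded file against a pinned digest; fails closed on mismatch.
verify_sha256() {
  file=$1; expected=$2
  actual=$(sha256_of "$file")
  if [ "$actual" != "$expected" ]; then
    printf 'digest mismatch for %s\n  expected %s\n  got      %s\n' \
      "$file" "$expected" "$actual" >&2
    return 1
  fi
}

# Replacement for `curl -sSL <url> | sh`: download to a file, verify, then run.
# The expected digest must come from a trusted source (release notes, signed
# checksum file), not from the same server that serves the script.
install_cli_verified() {
  url=$1; expected=$2
  tmp=$(mktemp)
  curl -fsSL -o "$tmp" "$url"
  verify_sha256 "$tmp" "$expected" || { rm -f "$tmp"; return 1; }
  sh "$tmp"
  rm -f "$tmp"
}

# Replacement for DEPS_DIR=/tmp/archon-nostr-deps: a 0700 directory owned by
# the caller. A symlink or a directory owned by someone else is refused, which
# is exactly the pre-creation attack a shared, predictable /tmp path invites.
ensure_private_dir() {
  dir=$1
  if [ -L "$dir" ]; then
    echo "refusing symlink: $dir" >&2
    return 1
  fi
  [ -d "$dir" ] || mkdir -m 700 "$dir"
  if [ ! -O "$dir" ]; then
    echo "refusing directory not owned by $(id -un): $dir" >&2
    return 1
  fi
  chmod 700 "$dir"
}

# Pinned install into that private directory. The pins are placeholders
# (assumption); take them from a reviewed lockfile and commit the lockfile.
install_pinned_deps() {
  dir=$1
  ensure_private_dir "$dir"
  ( cd "$dir" && npm install --silent --no-audit --no-fund \
      bip39@3.1.0 @scure/bip32@1.3.3 secp256k1@5.0.0 bech32@2.0.0 )
}

# Write secret material to a file that is 0600 from the moment it is created
# (umask inside a subshell), instead of console.log'ing the nsec to the terminal
# or into an agent transcript.
write_secret_file() {
  path=$1; value=$2
  ( umask 077; printf '%s\n' "$value" > "$path" )
}

# Hand the mnemonic to node on stdin rather than interpolating it into a
# `node -e "..."` string, so it never appears in the process argument list.
# derive.js (assumed name) reads the mnemonic from stdin and prints the nsec;
# its output goes straight into a 0600 file, never to the terminal.
derive_nsec_to_file() {
  deps=$1; script=$2; out=$3
  ( umask 077
    npx @didcid/keymaster show-mnemonic 2>/dev/null \
      | NODE_PATH="$deps/node_modules" node "$script" > "$out" )
  [ -s "$out" ]
}
```

Typical use, under the same assumptions: `install_cli_verified "$NAK_URL" "$NAK_SHA256"`, then `install_pinned_deps "$HOME/.archon-nostr/deps"`, then `derive_nsec_to_file "$HOME/.archon-nostr/deps" ./derive.js "$HOME/.clawstr/secret.key"`. The ownership and symlink checks in `ensure_private_dir` matter even under `$HOME`, because `mkdir -p` on an attacker-supplied path would otherwise silently adopt it.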
Impact: Run with the wrong values, these commands publish incorrect public profile data or bind the wrong Nostr identity to the DID, and an event already accepted by a relay cannot be reliably withdrawn afterwards.
Description: The documented commands update a DID document and publish a Nostr profile signed with the derived secret. They are purpose-aligned and shown as manual commands, but they are still account and public-identity mutations.
Evidence: `npx @didcid/keymaster set-property YourIdName nostr ... nak event --sec $(cat ~/.clawstr/secret.key) wss://relay.ditto.pub ...`
Recommendation: Review the npub/pubkey, the profile content, and the relay list before running these commands, and require explicit user confirmation before any agent-assisted posting or DID update.
