Nostr Dvm
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is coherent for its stated purpose (Nostr/Lightning agent integration), but it hands the agent account-level, public-posting, and wallet-payment capabilities without documented approval, budget, or scope limits.
Install only if you want an agent to interact with this Nostr/Lightning service. Use a dedicated account, tightly limited wallet credentials, and explicit approval policies for posting, reporting, deleting, trading compute, and sending zaps.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
0/64 vendors flagged this skill; all 64 returned a clean verdict. Note that this only covers the packaged artifact, not what an agent can do with the credentials it asks for.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent is given these credentials, it may be able to act as the Nostr agent account and perform wallet-connected actions, including payments, if the provider and wallet permit it.
The skill expects an API key plus NWC (Nostr Wallet Connect) wallet credentials; together these can authorize actions as the agent account and potentially spend Lightning funds. The visible instructions do not define credential scopes, spending budgets, or approval requirements.
metadata:
  credentials: [api-key, lightning-address, nwc-connection-string, nostr-keypair] ... All API calls require: Authorization: Bearer neogrp_...
Use a separate low-privilege agent account, restrict any NWC wallet connection with strict budgets and limits, and require explicit user approval before profile changes, public posts, reports, DVM trades, or zaps.
An agent using the skill incorrectly or too autonomously could publish public content, change social relationships, report users, or initiate tips in ways the user did not intend.
The documented API operations include public social actions, reporting users, deleting/reposting content, and sending Lightning tips. These are purpose-aligned but high-impact, and the visible artifact does not add confirmation or containment rules.
POST | /api/posts | Post to timeline
...
POST | /api/zap | Zap a user
...
POST | /api/nostr/report | Report a user
Configure the agent to ask before any public write, moderation/reporting action, deletion, repost, DVM transaction, or payment, and keep logs of all actions taken through the API.
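One way to enforce the approval, budget and logging policy recommended above, written as an added example for this report rather than code from the skill or the service. The three endpoint paths are the ones quoted in the evidence; the request bodies, the `amount_sats` field, the `GET /api/timeline` and `PUT /api/profile` requests in the demo, and the split between read-only and high-impact operations are assumptions made for illustration.

```python
"""Approval, budget and audit gate in front of the Nostr/Lightning API.

Added example, not code from the skill or the service. The three endpoint
paths are the ones quoted on this page; the request bodies, the
`amount_sats` field, the GET/PUT requests in the demo and the policy
split itself are assumptions made for illustration.
"""
import json
import re
import time
from dataclasses import dataclass, field
from typing import Callable, List, Optional

# Documented high-impact operations and the approval class each one needs.
# Anything that is not a GET and does not match here is denied by default,
# so an undocumented write cannot slip through as "unknown".
HIGH_IMPACT = [
    ("POST", re.compile(r"^/api/posts$"), "public write"),
    ("POST", re.compile(r"^/api/zap$"), "payment"),
    ("POST", re.compile(r"^/api/nostr/report$"), "moderation"),
    ("DELETE", re.compile(r"^/api/"), "deletion"),
]


@dataclass
class Decision:
    allowed: bool
    reason: str


@dataclass
class AgentGate:
    # Called with (category, method, path, body); returns True only if the
    # human user approved. In production this prompts the user; the demo
    # below passes a constructed policy function instead.
    approve: Callable[[str, str, str, Optional[dict]], bool]
    zap_budget_sats: int
    spent_sats: int = 0
    log: List[str] = field(default_factory=list)

    def classify(self, method: str, path: str) -> Optional[str]:
        if method == "GET":
            return "read"
        for m, pattern, category in HIGH_IMPACT:
            if m == method and pattern.search(path):
                return category
        return None  # unknown write: deny

    def request(self, method: str, path: str, body: Optional[dict] = None) -> Decision:
        category = self.classify(method, path)
        if category is None:
            decision = Decision(False, "undocumented write, denied by default")
        elif category == "read":
            decision = Decision(True, "read-only")
        elif category == "payment":
            decision = self._check_payment(body or {})
        else:
            ok = self.approve(category, method, path, body)
            decision = Decision(ok, f"{category}: user {'approved' if ok else 'declined'}")
        self._audit(method, path, body, decision)
        return decision

    def _check_payment(self, body: dict) -> Decision:
        amount = body.get("amount_sats")
        if not isinstance(amount, int) or amount <= 0:
            return Decision(False, "payment without a positive integer amount")
        remaining = self.zap_budget_sats - self.spent_sats
        if amount > remaining:
            return Decision(False, f"zap of {amount} sats exceeds remaining budget {remaining}")
        if not self.approve("payment", "POST", "/api/zap", body):
            return Decision(False, "payment: user declined")
        self.spent_sats += amount  # commit to the budget only after approval
        return Decision(True, f"payment approved, {remaining - amount} sats left")

    def _audit(self, method, path, body, decision):
        # One JSON line per attempted call, allowed or not, so the user can
        # reconstruct everything the agent tried to do through the API.
        self.log.append(json.dumps({
            "ts": time.time(), "method": method, "path": path,
            "body": body, "allowed": decision.allowed, "reason": decision.reason,
        }))


def user_policy(category, method, path, body) -> bool:
    """Constructed stand-in for the user: allows posts and zaps, refuses reports."""
    return category in ("public write", "payment")


def demo() -> List[Decision]:
    gate = AgentGate(approve=user_policy, zap_budget_sats=1000)
    return [
        gate.request("GET", "/api/timeline"),
        gate.request("POST", "/api/posts", {"content": "hello from the agent"}),
        gate.request("POST", "/api/nostr/report", {"pubkey": "npub...", "reason": "spam"}),
        gate.request("POST", "/api/zap", {"to": "npub...", "amount_sats": 700}),
        gate.request("POST", "/api/zap", {"to": "npub...", "amount_sats": 700}),  # over budget
        gate.request("PUT", "/api/profile", {"name": "x"}),  # not in the quoted table
    ]
```

The budget is only debited after the user approves, and the second 700-sat zap is refused before the user is even asked, so a runaway agent cannot drain a wallet by repeatedly requesting tips. Every attempt, including refused ones, lands in the log.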
API keys could be accidentally stored in a project folder, committed, shared, or reused from an unexpected working directory.
The skill deliberately stores and reuses local or persistent credentials. This is disclosed and service-specific, but current-directory credential lookup and persistent memory use can expose secrets or cause the agent to trust stale or untrusted local state.
Look for `.2020117_keys` ... Current working directory ... Home directory ... Also check environment variables ... or your agent's persistent config/memory ... save the full response to `.2020117_keys`
Store the key file outside shared repositories and outside any working directory the agent is pointed at, restrict it to owner read/write only (mode 600), and keep the API key and wallet connection string out of broad agent memory.
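A credential loader that follows the recommendation above, added here as an example and not the skill's own lookup logic. The file name `.2020117_keys`, the environment-variable fallback and the `neogrp_` key prefix are taken from the evidence on this page; the variable name `NOSTR_DVM_KEY_FILE`, the JSON layout of the file and the field names inside it are assumptions. Unlike the skill's instructions, it never consults the current working directory, rejects symlinks and group/world-readable files, and redacts the secret when the object is printed or dumped.

```python
"""Loading the skill's key file without trusting the working directory.

Added example, not the skill's own lookup logic. The file name
`.2020117_keys`, the environment-variable fallback and the `neogrp_`
key prefix come from the page; the variable name NOSTR_DVM_KEY_FILE,
the JSON layout of the file and its field names are assumptions.
"""
import json
import os
import stat
import tempfile
from dataclasses import dataclass
from pathlib import Path
from typing import Dict, List, Optional

KEY_FILE_NAME = ".2020117_keys"
ENV_FILE = "NOSTR_DVM_KEY_FILE"  # assumed name; must hold an absolute path


class CredentialError(Exception):
    pass


@dataclass(frozen=True)
class Credentials:
    api_key: str
    nwc_connection_string: Optional[str] = None

    def __repr__(self) -> str:
        # Redacted so the secret does not land in logs, tracebacks or an
        # agent's persistent memory when the object is dumped.
        nwc = "set" if self.nwc_connection_string else "unset"
        return f"Credentials(api_key='{self.api_key[:7]}...', nwc={nwc})"


def candidate_paths(env: Dict[str, str], home: Path) -> List[Path]:
    """Explicit absolute path from the environment, then the home directory.
    The current working directory is deliberately never a candidate."""
    paths = []
    if ENV_FILE in env:
        p = Path(env[ENV_FILE])
        if not p.is_absolute():
            raise CredentialError(f"{ENV_FILE} must be an absolute path, got {str(p)!r}")
        paths.append(p)
    paths.append(home / KEY_FILE_NAME)
    return paths


def check_file(path: Path) -> None:
    st = path.lstat()  # lstat: a symlink planted at the path is rejected, not followed
    if stat.S_ISLNK(st.st_mode):
        raise CredentialError(f"{path} is a symlink")
    if not stat.S_ISREG(st.st_mode):
        raise CredentialError(f"{path} is not a regular file")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise CredentialError(f"{path} is accessible to group/others; run chmod 600")
    if hasattr(os, "getuid") and st.st_uid != os.getuid():
        raise CredentialError(f"{path} is not owned by the current user")


def load_credentials(env: Optional[Dict[str, str]] = None, home: Optional[Path] = None) -> Credentials:
    env = dict(os.environ) if env is None else env
    home = Path.home() if home is None else Path(home)
    for path in candidate_paths(env, home):
        if not path.exists() and not path.is_symlink():
            continue
        check_file(path)
        data = json.loads(path.read_text())
        api_key = data.get("api_key", "")
        if not api_key.startswith("neogrp_"):
            raise CredentialError(f"{path}: api_key does not look like a service key")
        return Credentials(api_key=api_key, nwc_connection_string=data.get("nwc_connection_string"))
    raise CredentialError(f"no key file: set {ENV_FILE} or create {home / KEY_FILE_NAME} (mode 600)")


def demo() -> Dict[str, object]:
    """Constructed scenario: a planted key file in a project directory, a real one in HOME."""
    results: Dict[str, object] = {}
    with tempfile.TemporaryDirectory() as tmp:
        home, project = Path(tmp, "home"), Path(tmp, "project")
        home.mkdir()
        project.mkdir()
        # Attacker-influenced working directory (a cloned repo, say) with a planted key file.
        trap = project / KEY_FILE_NAME
        trap.write_text(json.dumps({"api_key": "neogrp_PLANTED"}))
        good = home / KEY_FILE_NAME
        good.write_text(json.dumps({"api_key": "neogrp_REALKEY",
                                    "nwc_connection_string": "nostr+walletconnect://..."}))
        os.chmod(good, 0o600)

        creds = load_credentials(env={}, home=home)
        results["loaded"] = creds.api_key
        results["repr_redacted"] = "REALKEY" not in repr(creds)

        def rejected(**kw) -> bool:
            try:
                load_credentials(**kw)
                return False
            except CredentialError:
                return True

        results["relative_env_rejected"] = rejected(env={ENV_FILE: KEY_FILE_NAME}, home=home)
        os.chmod(good, 0o644)
        results["world_readable_rejected"] = rejected(env={}, home=home)
        good.unlink()
        os.symlink(trap, good)  # planted symlink pointing at the trap file
        results["symlink_rejected"] = rejected(env={}, home=home)
        good.unlink()
        results["missing_rejected"] = rejected(env={}, home=home)
    return results
```

The demo never changes directory: the planted `.2020117_keys` in the project tree is simply never a lookup candidate, which is the whole point. The ownership and mode checks are POSIX semantics; on Windows the `getuid` check is skipped and mode bits are not meaningful, so an ACL check would be needed there instead.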
