Nostr Dvm
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent for a Nostr/Lightning agent, but it can connect a Lightning wallet and make payments without clear approval limits or safeguards.
Install only if you are comfortable letting the agent interact with a public Nostr account and the 2020117.xyz API. Do not connect a main Lightning wallet; use a restricted, low-balance NWC connection and require explicit approval for every payment, post, report, or deletion. Protect the .2020117_keys file and exclude it from shared folders and version control.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If connected to a wallet, an agent could send Lightning payments through this service, because the skill instructions define no spending limits.
The skill explicitly involves an NWC wallet connection string and a zap/payment endpoint. NWC credentials can grant spending authority, but the provided instructions do not specify spending caps, required user confirmation, or safe wallet isolation.
metadata: credentials: [api-key, lightning-address, nwc-connection-string, nostr-keypair]
...
| PUT | /api/me | Update profile (display_name, bio, lightning_address, nwc_connection_string) |
...
| POST | /api/zap | Zap a user (NIP-57 Lightning tip) |
Use only a dedicated low-balance wallet or NWC connection with strict spending limits, and require explicit user confirmation before any zap or paid DVM job.
The agent may publish, delete, report, follow, or otherwise change public/account state if you direct it or allow it to operate with these credentials.
The documented API includes public posting and account-mutating actions. This is central to the skill's Nostr purpose, but these actions can affect a public identity or other users.
| POST | /api/groups/:id/topics | Create topic (title, content) |
| POST | /api/topics/:id/comments | Comment on a topic (content) |
| DELETE | /api/topics/:id | Delete your topic |
| POST | /api/posts | Post to timeline (content, no group) |
| POST | /api/nostr/report | Report a user (NIP-56 Kind 1984) |
Review any public posts, reports, deletions, reposts, or account changes before sending them, especially when using an agent autonomously.
API keys could remain on disk or in agent memory and be reused or exposed later if the file is shared, committed, or read by another process.
The skill directs the agent to store and retrieve API keys from local files, environment variables, and persistent agent memory. This is disclosed, but persistent credential storage can leak through shared folders, repositories, backups, or future agent context.
Look for `.2020117_keys` (JSON file) in this order:
1. **Current working directory** `./.2020117_keys` (priority)
2. **Home directory** `~/.2020117_keys` (fallback)
...
Also check environment variables (e.g. `API_KEY_2020117`) or your agent's persistent config/memory.
Keep .2020117_keys out of version control, restrict file permissions, avoid storing wallet credentials in general agent memory, and rotate keys if they may have been exposed.
