Nostr Nak
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a small instruction-only Nostr CLI helper; it is coherent, but users should be careful when running shell commands or providing a Nostr private key for posting.
This skill appears purpose-aligned and instruction-only. Before using it, make sure `nak` is installed from a trusted source, review any shell command the agent proposes, and only provide a Nostr private key when you intentionally want the agent to sign or post as that identity.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may run local CLI commands to interact with Nostr relays.
The skill directs the agent to run shell-wrapped CLI commands. This is central to the stated PTY workaround, but command execution should still be user-reviewed.
**Always** wrap `nak` commands in `script` to force a pseudo-TTY: `script -q -c "nak req ..." /dev/null | cat`
Review the exact `nak` command before execution, especially when the command posts or signs data.
Anyone or anything with the Nostr private key can sign posts as that identity.
Posting requires the user’s Nostr private key. This is expected for signing Nostr posts, but it is sensitive account authority and is not declared as a credential in metadata.
**Posting**: Use `nsec...` or hex private key with the `--sec` flag.
Only provide a Nostr private key when you intend to post, prefer limited-use keys if possible, and avoid leaving private keys in reusable chat context or logs.
Users must independently ensure they are running the intended `nak` binary from a trusted source.
The package has no code or installer to inspect, but its runtime dependency on external CLIs is not captured in install metadata and its source provenance is limited.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Install `nak` from its official source and verify which binary will be executed before using the skill.