v1.0.2

Nostr Nak

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:31 AM.

Analysis

This is a coherent Nostr CLI helper, but it can use a full Nostr private key to post as the user without declared credential requirements or explicit approval limits.

Guidance: Review carefully before installing. This skill is mainly a Nostr `nak` command helper, but do not provide your main `nsec` private key unless you explicitly want the agent to post as you. Prefer a separate key, confirm every posting command, and verify that the local `nak` binary is trusted.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
**Always** wrap `nak` commands in `script` to force a pseudo-TTY: `script -q -c "nak req ..." /dev/null | cat`

The skill directs the agent to run local CLI commands through a PTY wrapper. This is central to the skill's purpose, but it is still broad local command execution that users should review for high-impact commands such as posting.

User impact: The agent may run local `nak` commands on the user's machine; mistakes in command construction could send unintended requests or posts.
Recommendation: Review generated commands before execution, especially any command that uses `--sec` or publishes content.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
metadata
Required binaries (all must exist): none ... No install spec — this is an instruction-only skill.

The metadata does not declare the `nak` or `script` binaries even though the skill instructions require them, so users must rely on whatever local binaries are already installed.

User impact: A user may not realize the skill depends on local command-line tools whose source and version are outside the skill package.
Recommendation: Install `nak` only from a trusted source, verify the local binary, and update the skill metadata to declare required binaries.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
**Posting**: Use `nsec...` or hex private key with the `--sec` flag.

This tells the agent to use a full Nostr private key for posting. The registry metadata declares no primary credential or required environment variable, and the instructions do not bound when this signing authority should be used.

User impact: If misused, the agent could publish signed Nostr events as the user, and passing a private key on a command line may expose it in logs or process details.
Recommendation: Only provide a key for explicit posting tasks, prefer a burner or limited-use key, require confirmation before any post, and declare/handle the private key as a sensitive credential.