Nostr Social

The skill is transparent about its capabilities, which include generating cryptographic keys and managing an ecash wallet for the agent. It implements good security practices like using stdin for user input to prevent shell injection and setting appropriate file permissions for private keys. All network and file system access is directly related to its stated purpose of providing a Nostr identity and Cashu wallet. While prompt injection against the AI agent is a general concern for any skill, there are no explicit instructions within the skill's markdown or code that demonstrate an intent to perform harmful actions such as data exfiltration, unauthorized remote control, or persistence mechanisms beyond its stated functionality.