Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Dagny Nostr (nak)

v0.1.4

Manage Nostr posting and engagement via the nak CLI. Use for creating notes, replying in threads, tagging npubs, checking replies/mentions, monitoring a rela...

Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
high confidence
! Purpose & Capability
The SKILL.md and description explicitly require access to NOSTR_SECRET_KEY (nsec) for signing/publishing, but the registry metadata lists no required environment variables or primary credential. This mismatch is incoherent: the skill does need a secret key to function but the metadata doesn't declare it.
Instruction Scope
The runtime instructions stay within the stated purpose (publishing, replying, querying relays) and do not ask the agent to read unrelated system files. They do, however, instruct running a remote install script and recommend storing a secret in shell profiles or .env files — actions that require caution (see install and env notes).
! Install Mechanism
Although the skill is instruction-only, the SKILL.md tells users to install nak via: curl -sSL https://raw.githubusercontent.com/fiatjaf/nak/master/install.sh | sh. Downloading and piping an unpinned installer from a raw GitHub master branch and executing it is high-risk: the script could change, and there is no pinned release or checksum. This is a non-trivial install risk.
! Credentials
The only secret logically required is the NOSTR_SECRET_KEY, which the instructions repeatedly reference and recommend exporting; but that env var is not declared in the skill metadata. There are no other env vars or credentials requested, which is proportionate — except for the metadata omission and the guidance that suggests storing secrets in profiles/.env (which can be misconfigured and accidentally expose the key). Also the examples show inline --sec usage which can expose secrets in logs/history.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and does not declare system config path access. Its runtime behavior (invoking nak and talking to relays) aligns with its purpose and does not request elevated agent-wide privileges.
What to consider before installing
Before installing or using this skill:
  (1) Recognize that SKILL.md requires your NOSTR_SECRET_KEY but the registry metadata did not declare it; treat this as an omission. Only provide the nsec if you understand it grants posting/signing ability for your identity.
  (2) Do NOT run the curl | sh installer without review: the script is unpinned from GitHub master. Prefer a pinned release, checksum, or package from a trusted distro, and inspect the script first.
  (3) Prefer exporting NOSTR_SECRET_KEY into a securely permissioned environment (chmod 600) rather than passing it inline with --sec to avoid leakage in shell history or process lists.
  (4) Verify you trust the default relay (wss://relay.primal.net) or specify a relay you control.
  (5) Ask the skill author/registry maintainer to update metadata to declare NOSTR_SECRET_KEY as a required credential and to provide a safer, pinned installation method (release tarball, package, or commit SHA).
If you cannot verify the installer or are uncomfortable exposing the secret, do not install/run the skill.

Like a lobster shell, security has layers — review code before you run it.

latest vk97c8zv74s37y64b8btqassavd81b7a5
658 downloads
0 stars
5 versions
Updated 3h ago
v0.1.4
MIT-0

Nostr (nak)

Overview

Use nak for all Nostr actions: publish notes, reply in threads, and query relays for replies/mentions. Default relay: wss://relay.primal.net unless the user specifies another.

Install / Update nak

  • Repo: https://github.com/fiatjaf/nak
  • Install (script): curl -sSL https://raw.githubusercontent.com/fiatjaf/nak/master/install.sh | sh
  • Update: re-run the install script above (it installs latest)
  • Tip: review the script before running if you want to audit what it does.
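
One way to pin the install step above, as an added example that is not part of the skill or of the nak project: download the script to a file, compare its SHA-256 with the digest you recorded after reviewing it, and execute it only on a match. The function names, the `<commit_sha>` URL form and `PINNED_SHA256` are placeholders chosen for this example.

```shell
#!/bin/sh
# Added example: verify a reviewed installer before running it.
# PINNED_SHA256 is a placeholder: record the digest of the copy you audited.

# sha256_of FILE -> prints the lowercase hex digest (sha256sum, else shasum)
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_installer FILE EXPECTED_SHA256 -> 0 only when the digest matches exactly
verify_installer() {
    file=$1 expected=$2
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    # Reject empty values, placeholders and truncated digests up front.
    case $expected in
        *[!0-9a-f]*|'') echo "expected digest is not lowercase hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected digest is not 64 chars" >&2; return 2; }
    actual=$(sha256_of "$file") || return 2
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch: got $actual" >&2
        return 1
    fi
}

# install_pinned URL EXPECTED_SHA256 -> download, verify, and only then execute
install_pinned() {
    tmp=$(mktemp) || return 2
    # -f makes curl fail on HTTP errors instead of saving an error page as the script
    if curl -fsSL "$1" -o "$tmp" && verify_installer "$tmp" "$2"; then
        sh "$tmp"; rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Usage (replace <commit_sha> with the commit whose install.sh you reviewed):
#   install_pinned "https://raw.githubusercontent.com/fiatjaf/nak/<commit_sha>/install.sh" "$PINNED_SHA256"
```

Since the page notes that the script installs the latest version, pinning the script fixes which installer runs, not which nak build it fetches.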

Onboarding (keys)

  • Generate a new key: nak key generate (prints nsec + npub)
  • Save the secret: store NOSTR_SECRET_KEY in a shell profile or a local .env with restricted permissions.
    • Example: export NOSTR_SECRET_KEY="nsec1..."
    • Optional: chmod 600 .env if you store it locally.
    • Prefer env vars over inline --sec in commands.
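
The key-storage advice above as an added shell example (not from the skill or from nak): it refuses to load NOSTR_SECRET_KEY from a .env file that group or other users can access, and counts shell-history lines that carry a literal key after --sec. Function names and file paths are hypothetical, and the nsec1 prefix check follows the page's example value.

```shell
#!/bin/sh
# Added example: guard rails for NOSTR_SECRET_KEY storage (names are assumptions).

# env_file_is_private FILE -> 0 if no group/other permission bits are set
env_file_is_private() {
    [ -f "$1" ] || return 2
    mode=$(ls -ld -- "$1" | cut -c5-10)   # group+other part of e.g. -rw-------
    [ "$mode" = "------" ]
}

# load_nostr_key FILE -> exports NOSTR_SECRET_KEY from a KEY=value file, never echoing it
load_nostr_key() {
    env_file_is_private "$1" || { echo "refusing $1: run chmod 600 first" >&2; return 1; }
    line=$(grep -E '^(export +)?NOSTR_SECRET_KEY=' "$1" | tail -n 1)
    [ -n "$line" ] || { echo "NOSTR_SECRET_KEY not found in $1" >&2; return 1; }
    value=${line#*=}
    value=${value#\"}; value=${value%\"}   # strip optional double quotes
    case $value in
        # The page stores an nsec; a hex key would need its own branch here.
        nsec1*) NOSTR_SECRET_KEY=$value; export NOSTR_SECRET_KEY ;;
        *) echo "value does not look like an nsec" >&2; return 1 ;;
    esac
}

# count_inline_secrets HISTFILE -> prints how many lines pass a literal key to --sec
count_inline_secrets() {
    grep -cE -e '--sec[ =]+"?(nsec1|[0-9a-f]{64})' "$1" || true
}
```

The history scan only finds literal keys; `--sec $NOSTR_SECRET_KEY` still expands into the command's arguments, which is the process-list exposure the scan results mention.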

Quick Start (common tasks)

  • Post a note: nak event -k 1 --sec $NOSTR_SECRET_KEY -c "..." <relay>
  • Reply to a note: include root and reply tags (see below)
  • Check replies: nak req -k 1 -e <event_id> -l <N> <relay>
  • Check mentions: nak req -k 1 -p <your_pubkey_hex> -l <N> <relay>

Workflow: Posting & Replies

1) Create a new note

  • Build content.
  • Publish:
    nak event -k 1 --sec $NOSTR_SECRET_KEY -c "<content>" wss://relay.primal.net
    

2) Reply to a reply (correct threading)

Always include both root and reply tags so clients display it as a reply:

  • root = original top‑level note id
  • reply = the specific note you’re replying to

Use -t e="<id>;<relay>;root" and -t e="<id>;<relay>;reply".

Example:

nak event -k 1 --sec $NOSTR_SECRET_KEY \
  -t e="<root_id>;wss://relay.primal.net;root" \
  -t e="<reply_id>;wss://relay.primal.net;reply" \
  -p <other_pubkey_hex> \
  -c "<reply content>" \
  wss://relay.primal.net

3) Check for replies to a note

nak req -k 1 -e <root_id> -l 20 wss://relay.primal.net

4) Check mentions of your pubkey

nak req -k 1 -p <your_pubkey_hex> -l 20 wss://relay.primal.net

Conventions

  • Default relay: wss://relay.primal.net
  • Prefer NOSTR_SECRET_KEY env var instead of inline --sec.
  • When tagging users, include -p <npub/hex>.
  • For human-facing links, encode with nak encode nevent ... and format as https://primal.net/e/<nevent>.

References

  • Use nak event --help and nak req --help for flag details.
