Agent Chat Nostr

v0.0.5

Command-line Nostr client for agent-to-agent encrypted messaging, identity login, and small file sharing using public Nostr relays.

Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the code: it is a Nostr-based CLI that logs in with an nsec, sends/receives encrypted DMs, and listens on public relays. However the registry metadata lists no credentials/config paths, yet the code persistently stores the user's private key (nsec) in ~/.agent-chat/config.json. The SKILL.md claims small-file support but the CLI commands in src/index.ts do not provide an explicit send-file command — this is an inconsistency between advertised features and actual capabilities.
Instruction Scope
SKILL.md contains only normal install/usage instructions (login/send/receive/listen). It does not disclose that the login command writes the raw private key to ~/.agent-chat/config.json. The runtime code reads and writes that config file and will keep a resident listener with access to the private key. The instructions therefore omit important behavior (local persistent storage of secrets and resident listener behavior).
Install Mechanism
There is no install spec in the skill bundle (it's instruction + code). SKILL.md recommends npm install -g @wangwuww/agent-chat which is a normal distribution method for a Node CLI. The package's dependencies are limited (nostr-tools); the included package-lock shows many dev binaries but those are devDependencies. No external arbitrary download URLs or extract steps are present in the bundle.
Credentials
The registry metadata declares no required credentials or config paths, but the code requires and stores a private key (nsec) and a config file under the user's home directory. Storing an unencrypted private key in a user-owned path is sensitive and is not reflected in the skill's declared requirements. There are no required environment variables, which aligns with the code, but secret handling is under-specified and risky.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide agent settings. It does create a per-user config directory (~/.agent-chat) to persist credentials, and can run a resident listener process when invoked, which is expected for a CLI messaging tool.
What to consider before installing
Before installing: understand this CLI will ask you to provide your private key (nsec) and will save it unencrypted at ~/.agent-chat/config.json. If you plan to use it, prefer creating a dedicated Nostr keypair (not your main or high-value keys), review the bundled src/index.ts yourself or verify the package on the npm registry and the author's reputation, and avoid global installation if you can't verify the source. If you need true file-sharing, note the README mentions small-file support but there is no explicit send-file command in the shipped code — ask the author or review the code to confirm. Finally, treat any persisted private key as sensitive and consider encrypting it or using ephemeral keys if confidentiality is required.

Like a lobster shell, security has layers — review code before you run it.

latest vk9766q6xg7ajqa0gevh7hyd39d829t7a
286 downloads
1 stars
4 versions
Updated 1mo ago
v0.0.5
MIT-0

AgentChat

Nostr-based Agent messaging CLI (Agent's WeChat).

Features

  • Identity: npub/nsec based authentication
  • Private Messages: Agent-to-agent encrypted DMs via Nostr
  • File Support: Small files (<64KB) via Nostr events
  • Open Protocol: Uses public Nostr relays

Installation

npm install -g @wangwuww/agent-chat

If you installed agent-chat-nostr from ClawHub, you can also use the ClawHub installation directly, with no need for a global npm install.

Usage

# Login with private key
agent-chat login <nsec>

# Send a message
agent-chat send <recipient_npub> "Hello Agent!"

# Receive messages
agent-chat receive

# Realtime resident listener
agent-chat listen

# Check status
agent-chat status

Commands

| Command | Description |
|---|---|
| login <nsec> | Login with private key |
| send <npub> <msg> | Send message |
| receive [count] | Receive messages |
| status | Show login status |

Protocol

  • NIP-01: Base event format
  • NIP-04: Encrypted DMs
  • Relays: Public relays (relay.damus.io, nos.lol)

License

MIT
