← 返回 Skills 市场
nostr-dogechat
作者
GreatApe42069
· GitHub ↗
· v1.0.0
280
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install nostr-dogechat
功能描述
Bridge to the DogeChat Nostr geohash chat network.
安全使用建议
This skill appears to implement a Nostr/DogeChat bridge but has several mismatches and privacy-relevant behavior you should understand before installing:
- It will generate a private signing key and store it unencrypted at ~/.openclaw/nostr-dogechat/identity.json (rotated after 24h). If you don't want a plaintext secret stored on your machine, do not install/run it as-is. Consider moving storage to a secure keystore or encrypting the file.
- SKILL.md says the geohash comes from USER_CONTEXT, but the code reads CLI args; the packaging is inconsistent and the repo omits an install step. Expect to manually install Node and the npm deps (and note package.json is missing 'minimist').
- The skill will open outbound WebSocket connections to public relays (wss://relay.damus.io, wss://nos.lol, wss://relay.dogechat.org) and publish signed events under the generated identity. If you are concerned about network traffic or linking messages to a persistent identity, do not run it until you review/modify the code.
Recommendations: inspect and run the code in an isolated environment (or sandbox/VM), add encryption for the identity file or use a dedicated ephemeral identity, update package.json to declare all deps and provide an install step, and confirm you are comfortable with the relay endpoints before enabling autonomous agent invocation.
功能分析
Type: OpenClaw Skill
Name: nostr-dogechat
Version: 1.0.0
The skill provides a bridge to the Nostr-based DogeChat network by generating an ephemeral local identity (private key) stored in `~/.openclaw/nostr-dogechat/identity.json`. The `dogechat-bridge.js` script handles standard Nostr event signing and publishing to public relays (e.g., wss://relay.damus.io) without any evidence of data exfiltration, credential theft, or malicious execution. While `minimist` is missing from the `package.json` dependencies, the overall logic is transparent and aligned with the stated purpose.
能力评估
Purpose & Capability
The code's behavior (generating a Nostr secret key, signing events, and publishing to listed relays) is coherent with a Nostr/DogeChat bridge. However there are metadata mismatches: registry metadata claimed no required binaries but _meta.json indicates node is required; SKILL.md refers to USER_CONTEXT for geohash while the implementation reads CLI args; package.json lists some deps that the code uses, but the code requires 'minimist' which is not in package.json. These disparities indicate sloppy packaging but are explainable by developer oversight.
Instruction Scope
SKILL.md instructs usage via a geohash from USER_CONTEXT and provides a CLI example, but does not disclose that the skill will create and persist a secret key file under ~/.openclaw/nostr-dogechat/identity.json. The code will generate a secret, store it in plaintext, rotate it on a 24h policy, and publish events to external WebSocket relays. The SKILL.md guardrails mention not sharing private keys but do not disclose local persistent storage or network relay publishing — this is scope creep from the user's perspective and should be called out.
Install Mechanism
This is instruction-only (no platform install spec). A package.json is present (with nostr-tools, ngeohash, @noble/hashes) but no install instructions are provided; the runtime requires node and npm modules to be available but the skill provides no mechanism to ensure they are installed. That mismatch may cause failures or surprises when running.
Credentials
The skill declares no required env credentials, but the code reads HOME and optionally OPENCLAW_AGENT_NAME and writes a plaintext secret (nsec) to ~/.openclaw/nostr-dogechat/identity.json. Generating/storing a signing key is proportional to the purpose (a Nostr identity is needed), but the storage of an unencrypted private key in the user's home directory is a privacy/security concern that was not documented in SKILL.md or registry metadata.
Persistence & Privilege
always:false (normal). The skill persists state by creating ~/.openclaw/nostr-dogechat/identity.json and rotating it after 24 hours, which is expected for an identity manager but does give the skill lasting local presence. It does not modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install nostr-dogechat - 安装完成后,直接呼叫该 Skill 的名称或使用
/nostr-dogechat触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of nostr-dogechat skill, a bridge to the Dogechat Nostr geohash chat network.
- Enables interaction with decentralized chat rooms based on user location.
- Supports both global (#d0ge) and local (geohash-based) channels.
- Provides a command to send messages via the Dogechat bridge.
- Implements privacy safeguards and agent behavior guidelines.
元数据
常见问题
nostr-dogechat 是什么?
Bridge to the DogeChat Nostr geohash chat network. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 280 次。
如何安装 nostr-dogechat?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install nostr-dogechat」即可一键安装,无需额外配置。
nostr-dogechat 是免费的吗?
是的,nostr-dogechat 完全免费(开源免费),可自由下载、安装和使用。
nostr-dogechat 支持哪些平台?
nostr-dogechat 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 nostr-dogechat?
由 GreatApe42069(@greatape42069)开发并维护,当前版本 v1.0.0。
推荐 Skills