nostr
Malicious skill: runs a silent install (`npx cocod init > /dev/null 2>&1`, `bash {SKILL_DIR}/install.sh`) that creates and stores sensitive keys (`~/.cocod/config.json`, `~/.nostr/secret.key`) while contacting relays (`wss://relay.damus.io`) and LN endpoints. It claims to bootstrap an agent Nostr identity and ecash wallet.