Reading messages can hardly be avoided but adding backdoor t...

Leo Wandersleb

npub1gm7tuvr9atc6u7q3gevjfeyfyvmrlul4y67k7u7hcxztz67ceexs078rf6

hex

faca766c836e4290a8b79fcff325917949988946f21c43907ee9d431045f0f85

nevent

nevent1qqs04jnkdjpkus5s4zmelnlnykghjjvc39r0y8zrjplwn4p3q30slpgprpmhxue69uhhyetvv9ujuem4d36kwatvw5hx6mm9qgsydl97xpj74udw0qg5vkfyujyjxd3l706jd0t0w0turp93d0vvung5v5wmu

Kind-1 (TextNote)

2026-05-03T16:01:35Z

↳ 回复 redshift (npub1ftt05tgku25m2akgvw6v7aqy5ux5mseqcrzy05g26ml43xf74nyqsredsh)

We're working on solving this problem as well. It could be possible to prove that there was no prompt injection/tampering in the middle up to the sour...

Reading messages can hardly be avoided but adding backdoor tool invocations in llm replies is even scarier but probably mitigatable.

原始 JSON

{
  "kind": 1,
  "id": "faca766c836e4290a8b79fcff325917949988946f21c43907ee9d431045f0f85",
  "pubkey": "46fcbe3065eaf1ae7811465924e48923363ff3f526bd6f73d7c184b16bd8ce4d",
  "created_at": 1777824095,
  "tags": [
    [
      "alt",
      "A short note: Reading messages can hardly be avoided but adding ..."
    ],
    [
      "e",
      "b65a21d7d19bcb960876ad5cd6649da827f09f4056fba0e1ca2d0cc77907a4fd",
      "wss://nostr.wine/",
      "root",
      "f985d309197c805e1719c73185b574fc3ee407d7c1b6157dee99c6ace2599bbb"
    ],
    [
      "e",
      "5130c94eb2dc43cbbed7a7afd5479910b59b9e2f74ebcee2a423d713c38bb63f",
      "wss://nostr.mom/",
      "",
      "46fcbe3065eaf1ae7811465924e48923363ff3f526bd6f73d7c184b16bd8ce4d"
    ],
    [
      "e",
      "5342eb98c4bb021e73424e948f0253ecc0e816e43a7616136d5d06a62ef4d282",
      "wss://relay.primal.net/",
      "reply",
      "4ad6fa2d16e2a9b576c863b4cf7404a70d4dc320c0c447d10ad6ff58993eacc8"
    ],
    [
      "p",
      "8bf629b3d519a0f8a8390137a445c0eb2f5f2b4a8ed71151de898051e8006f13",
      "wss://aggr.nostr.land/"
    ],
    [
      "p",
      "2efaa715bbb46dd5be6b7da8d7700266d11674b913b8178addb5c2e63d987331",
      "wss://spatia-arcana.com/"
    ],
    [
      "p",
      "f985d309197c805e1719c73185b574fc3ee407d7c1b6157dee99c6ace2599bbb",
      "wss://nostr.wine/"
    ],
    [
      "p",
      "d22bcdb1d2505bc060f65a86cd5f20532ec5f3e41c06aea9edac39f6ba76fd6e",
      "wss://nos.lol/"
    ],
    [
      "p",
      "46fcbe3065eaf1ae7811465924e48923363ff3f526bd6f73d7c184b16bd8ce4d",
      "wss://nostr.wine/"
    ],
    [
      "p",
      "4ad6fa2d16e2a9b576c863b4cf7404a70d4dc320c0c447d10ad6ff58993eacc8",
      "wss://relay.damus.io/"
    ],
    [
      "client",
      "Amethyst"
    ]
  ],
  "content": "Reading messages can hardly be avoided but adding backdoor tool invocations in llm replies is even scarier but probably mitigatable.",
  "sig": "1c4892424bc400b45bf8a489b3a155ac978d29de8cc769ea0eb4431fdbdfc07ee63bff5d289a8840cc4fc4795740a4f65f7113a68bbe5d568d2e642d19816357"
}