My point is that a user can be told "oh, you can't see my notes, connect to my wss://evil-relay.com" -- I don't do any due diligence before manually adding a new relay to my list; I expect my client to not get buffer overflowed and leak my nsec or not be abused. That's the point I'm making wrt the client needing to be hardened anyway.
Wrt automatic connecting to relays, users can blacklist relays to prevent connecting to a known bad relay and unfollow pubkeys that constantly send them to bad relays.
I agree that it's not trivial.