The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The skill requires a WALLET_PRIVATE_KEY to be configured in environment variables for transaction signing in index.js. Storing raw private keys in environments or .env files is a security risk as they can be leaked through process inspection, error logs, or unauthorized access.\n- [EXTERNAL_DOWNLOADS]: The skill depends on the ethers and dotenv packages from the npm registry, which are standard for blockchain interactions but represent external code dependencies.\n- [PROMPT_INJECTION]: The lookup and reputation tools retrieve untrusted data from the blockchain (agent metadata and event logs) and pass it back to the agent context, creating a surface for indirect prompt injection.\n
Ingestion points: In index.js, the lookup() function fetches profile.endpoints and uri from the blockchain, and the reputation() function retrieves data from ReputationLogged events.\n
Boundary markers: No delimiters or safety instructions are used to encapsulate the data retrieved from the blockchain.\n
Capability inventory: The skill can perform on-chain writes (registerAgent, logReputation) which involve signing transactions and spending ETH.\n
Sanitization: No sanitization or validation is applied to the strings fetched from the blockchain before they are processed by the agent.

molt-registry