openserv-multi-agent-workflows
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- Credentials Unsafe (LOW): The example setup scripts (e.g., in blog-pipeline.md) reference WALLET_PRIVATE_KEY in .env files for use with client.authenticate(). While necessary for the platform's blockchain-based workflows, storing private keys in plain text presents a risk of local credential exposure.
- External Downloads (LOW): SKILL.md provides instructions to update or add skills using 'npx skills add openserv-labs/skills', which involves downloading and executing code from an external repository.
- Prompt Injection (LOW): The workflow templates create an attack surface for indirect prompt injection by interpolating untrusted trigger data directly into agent task instructions.
  - Ingestion points: Webhook triggers in all example setup files (e.g., topic, symbol, youtube_url, project_description).
  - Boundary markers: Absent; input such as {{trigger.topic}} is used without delimiters or instructional guards.
  - Capability inventory: Connected marketplace agents (Grok, Perplexity, Copywriter) perform web searches and content generation based on these inputs.
  - Sanitization: Absent; the provided setup scripts do not include logic to escape, validate, or filter user-provided strings before processing.
Audit Metadata