Agent Team

This skill largely implements a local multi‑agent manager and is coherent with that purpose, but there are notable issues you should address before installing or running it: - greetings.py forces the presence of DEEPSEEK_API_KEY at the end of the file and will raise if it's missing; the registry metadata declares no required env vars. Ask the author to declare required environment variables or remove the hard fail. Running the script as-is may crash unexpectedly. - The greetings script contains per‑agent 'api_key' placeholders and will send Bearer tokens to dashscope.aliyuncs.com. Only provide API keys you trust and avoid reusing high‑privilege credentials. Prefer storing keys in environment variables and modify the code to read os.getenv for each agent instead of embedding keys. - SKILL.md was flagged for unicode control characters (possible prompt‑injection). Inspect the SKILL.md and any SOUL.md files for invisible control chars or malicious payloads before using them as system prompts to spawned agents. - The agent spawn/chat functions invoke the local 'openclaw' CLI via subprocess with system prompts built from SOUL.md; malicious or untrusted SOUL.md content can affect downstream agents. Only run agents whose SOUL.md you control or have audited. - If you want to proceed, run the skill in a sandbox or separate account, remove or fix the DEEPSEEK_API_KEY hard check, and replace 'TODO_REPLACE_WITH_ENV' placeholders with secure environment variable lookups. If unsure, request clarifications from the author about required env vars and the intended DashScope integration.