Agent configuration
Registering skills
Each skill declares its input/output schemas via Zod, supported communication modes, and trust tier.Input is validated against your Zod schema before the handler runs. If validation fails, the caller receives
SCHEMA_INVALID — your handler is never invoked.Trust tiers
Trusting specific peers
Fortrusted-peers skills, register the caller’s public key before they connect:
AgentClient.prepare() on the client side to get the public key before connecting — see Calling Agents.
Starting the server
serve() the SDK generates and persists an Ed25519 keypair under keysDir. Subsequent runs load the existing key — the agent’s identity is stable across restarts.
Injection defense
The SDK always runs a regex-based injection scan on every incoming payload. For high-trust skills, add a second LLM-based layer viainjectionClassifier in AgentConfig:
OpenAI moderation API:
true to block (HTTP 400, INJECTION_DETECTED). If the classifier throws, the SDK fails open — it logs a warning and lets the request through. To fail closed instead, catch errors inside your function and return true.
Skill chaining
Skills can call other agents usingAgentClient: