The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill specifies capabilities for reading and modifying existing PowerPoint files, which creates a surface for indirect prompt injection attacks where malicious instructions are hidden within slide content. * Ingestion points: Found in the sections 'Modifying existing PowerPoint files' and 'Extracting content from presentations'. * Boundary markers: The instructions lack delimiters or warnings to treat slide content as untrusted data. * Capability inventory: The skill encourages using python-pptx and PptxGenJS to perform file system operations (read/write). * Sanitization: There is no mention of sanitizing or validating content extracted from external presentations before it is processed by the AI.

pptx-skill