slidev-multi-agent
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides several shell scripts in the `scripts/` directory that wrap Slidev CLI commands. These scripts handle project initialization (`slidev-init.sh`), development server management (`slidev-dev.sh`), production builds (`slidev-build.sh`), and various export/theme operations. The scripts utilize `npm` and `npx` to manage legitimate packages like `@slidev/cli` and `playwright-chromium`, which is standard behavior for the intended development workflow.
- [EXTERNAL_DOWNLOADS]: The `scripts/sync-references.mjs` utility is designed to keep documentation current by fetching markdown files from trusted sources. These sources include the official Slidev documentation (sli.dev), OpenAI developer docs (developers.openai.com), Anthropic's Claude documentation (code.claude.com), and OpenClaw documentation (docs.openclaw.ai). These operations are documented neutrally as they target well-known technology service providers and trusted organizations.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes and edits markdown-based presentation files which could contain instructions intended to influence an agent's behavior. Evidence Chain:
  1. Ingestion points: Slidev Markdown files (`slides.md`) processed by all execution scripts.
  2. Boundary markers: Absent (no specific delimiters or instructions to ignore embedded content are applied).
  3. Capability inventory: The skill can execute shell commands, install packages via npm, and create/modify local files.
  4. Sanitization: None present (the scripts act as direct wrappers for the Slidev CLI).

  This risk is inherent to the primary purpose of the skill and is assessed as a low-severity vulnerability surface.
Audit Metadata