docx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The script ooxml/scripts/pack.py executes the soffice command via subprocess.run to validate documents. This is a functional requirement of the skill but involves running a complex external binary on processed data.
- REMOTE_CODE_EXECUTION (LOW): ooxml/scripts/unpack.py uses zipfile.extractall() on input files, which is susceptible to ZipSlip (directory traversal) attacks where a malicious archive could overwrite files outside the intended directory.
- PROMPT_INJECTION (LOW): The skill presents an indirect prompt injection surface (Category 8).
  * Ingestion points: ooxml/scripts/unpack.py extracts XML content from user-provided Office files.
  * Boundary markers: No specific boundary markers or instructions are used to separate user data from agent logic during processing.
  * Capability inventory: The skill can execute system commands and parse XML using lxml.
  * Sanitization: While defusedxml is used in some scripts, lxml.etree.parse in ooxml/scripts/validation/docx.py is used without configuration to prevent XML External Entity (XXE) attacks, which could be exploited through maliciously crafted document XML.
Audit Metadata