The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes a local bash script (scripts/create_standalone.sh) to embed image data into the HTML and uses the system open command to launch the generated presentation.- [EXTERNAL_DOWNLOADS]: The HTML template references and downloads the Tailwind CSS and Mermaid.js libraries from the JSDelivr CDN.- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes user-provided markdown specifications. Ingestion points: Untrusted content enters the context via spec.md. Boundary markers: No delimiters or instructions are provided to the agent to disregard embedded commands in the input data. Capability inventory: The skill has the ability to write to the file system and execute shell commands. Sanitization: The input markdown is parsed and converted without sanitization or validation of embedded instructions.

html-presentations