The Agent Skills Directory

[SAFE]: The skill serves as a comprehensive integration guide for the Univer Pro suite, providing boilerplate code and configuration for enterprise spreadsheet and document features.
[EXTERNAL_DOWNLOADS]: Recommends installation of official @univerjs-pro/* npm packages from the vendor 'dream-num'. These are legitimate dependencies required for the described functionality.
[CREDENTIALS_UNSAFE]: The guides recommend using environment variables (process.env.CLIENT_LICENSE_TEXT) to manage license keys, which is a secure industry standard for secret management.
[COMMAND_EXECUTION]: Provides standard npm install instructions for setting up the development environment.
[INDIRECT_PROMPT_INJECTION]: The skill documents methods for importing external files (XLSX, DOCX) via the importXLSXToUnitIdAsync and importDOCXToUnitIdAsync APIs. While file ingestion can be an attack surface for indirect prompt injection, these methods are core features of the document engine and no malicious exploitation patterns were found in the skill's instructions.

univer-pro-integrate