The Agent Skills Directory

[COMMAND_EXECUTION]: The skill invokes external binaries including 'soffice' (LibreOffice), 'pdftoppm' (Poppler), and 'git' through parameterized subprocess calls. These executions are restricted to the skill's primary functionalities, such as document format validation, visual thumbnail generation, and change diffing in 'pack.py', 'thumbnail.py', and 'redlining.py'.
[PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted content from user-provided .pptx files (via 'inventory.py'). Key ingestion points include slide text extraction and inventory generation. While explicit boundary markers are not present in the extracted data, the skill mitigates technical exploitation risks (XXE) through the use of 'defusedxml'. The skill's capabilities are limited to document manipulation and image generation.
[EXTERNAL_DOWNLOADS]: Documented dependencies such as 'markitdown', 'pptxgenjs', 'playwright', and 'sharp' are standard industry tools for document processing and rendering. These are installed via established package managers (npm and pip) from public registries.
[SAFE]: The skill demonstrates security awareness by implementing 'defusedxml' for XML parsing in 'unpack.py' and 'pack.py', effectively preventing XXE vulnerabilities during the manipulation of presentation archives.

pptx