ppt-artisan

Warn

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: In src/lib.ts, the skill uses child_process.execSync to invoke the Marp CLI for PowerPoint generation. The command is constructed by concatenating variables including the marpCmd, inputPath, and outputPath. While the paths are enclosed in double quotes, the lack of robust shell escaping for these paths presents a potential risk if filenames contain shell metacharacters.
  • [REMOTE_CODE_EXECUTION]: The skill logic in src/lib.ts includes a fallback mechanism that executes npx -y @marp-team/marp-cli if a local binary is not detected. This results in the dynamic download and execution of the Marp CLI package from the npm registry at runtime.
  • [EXTERNAL_DOWNLOADS]: The skill leverages npx to fetch the Marp CLI from a well-known service (the npm registry) when the local dependency is missing.
  • [INDIRECT_PROMPT_INJECTION]: The skill provides an attack surface by processing external Markdown and PPTX files which are then passed to internal utilities and external CLI tools.
      • Ingestion points: Input files provided via the --input and --distill flags in src/index.ts.
      • Boundary markers: The skill does not implement specific boundary markers or 'ignore' instructions for the data processed by the Marp CLI.
      • Capability inventory: The skill can execute subprocesses (execSync), write to the file system (fs.writeFileSync), and extract design assets.
      • Sanitization: Filenames are partially sanitized by replacing spaces with underscores in src/lib.ts, but the content of the files and the full path strings are not fully sanitized against injection into the shell command.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 4, 2026, 11:08 PM