html-output

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches the Pico CSS framework from the jsDelivr CDN (https://cdn.jsdelivr.net/npm/@picocss/pico@2/css/pico.min.css) to style its HTML output.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it interpolates data into an HTML template without explicit sanitization instructions.
      * Ingestion points: Untrusted data from the agent's context or web tools is placed into placeholders like {{deck-title}} and {{slide-content}} in TEMPLATE.html.
      * Boundary markers: None are defined to separate instructions from data within the template.
      * Capability inventory: The skill has the capability to write the generated HTML files to the local filesystem in the .agents/output/ directory.
      * Sanitization: There are no requirements or scripts to sanitize or escape HTML special characters, which could lead to Cross-Site Scripting (XSS) if the agent processes malicious data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 02:36 PM