The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The script scripts/office/soffice.py generates C source code at runtime, compiles it into a shared library using gcc, and then uses the LD_PRELOAD environment variable to inject this library into the soffice process. This is designed to shim socket calls when running in restricted environments.
[COMMAND_EXECUTION]: Multiple scripts utilize subprocess.run to execute external commands, including soffice for formula recalculation, gcc for its internal socket shim, and git for document validation.
[PROMPT_INJECTION]: The skill processes data from external spreadsheet files (.xlsx, .csv), creating an attack surface for indirect prompt injection.
Ingestion points: Untrusted data enters the context through pandas and openpyxl calls, specifically within scripts/recalc.py.
Boundary markers: No specific delimiters or warnings against embedded instructions are implemented in the file processing scripts.
Capability inventory: The skill has access to shell execution, file system writes, and local compilation tools.
Sanitization: The skill uses defusedxml.minidom to protect against XML-based vulnerabilities while parsing document structure.

xlsx