officecli-xlsx

Fail

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The setup routine in SKILL.md requires the agent to download and execute a script from https://raw.githubusercontent.com/iOfficeAI/OfficeCli/main/install.sh by piping the output of curl directly into the bash shell. A similar pattern is provided for Windows systems using iex (Invoke-Expression) to run a remote PowerShell script. This method allows for arbitrary code execution from a remote source without verification or user oversight.
  • [COMMAND_EXECUTION]: The skill executes various officecli commands to interact with the file system and manipulate spreadsheet data. The setup block also utilizes shell utilities like grep and sed to parse version information from command output and API responses.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to raw.githubusercontent.com to fetch installation scripts and api.github.com to check for the latest software releases from the vendor's repository.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes external data with high-privilege tool capabilities.
      • Ingestion points: The skill ingests untrusted data from .xlsx and .csv files via officecli view commands described in SKILL.md, creating.md, and editing.md.
      • Boundary markers: The instructions do not include any delimiters or warnings to the agent to disregard instructions that might be embedded within the processed spreadsheet data.
      • Capability inventory: The agent has the capability to execute shell commands (officecli) and write to the local file system.
      • Sanitization: There is no evidence of data sanitization, escaping, or validation of the content extracted from external files before it is processed by the agent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/iOfficeAI/OfficeCli/main/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 13, 2026, 02:01 PM