moai-document-processing

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to analyze and extract content from various document formats (DOCX, PDF, PPTX, XLSX), creating a surface for indirect prompt injection where malicious instructions embedded in a processed document could attempt to influence the agent's behavior.
      • Ingestion points: Document content is extracted and processed in document.py (Word), inventory.py (PowerPoint), and recalc.py (Excel).
      • Boundary markers: No explicit delimiters or warnings to ignore embedded instructions were found in the text extraction logic.
      • Capability inventory: The skill has access to tools including Bash, Write, Edit, and WebFetch, and executes system commands for document processing.
      • Sanitization: No explicit sanitization or filtering of the extracted text content is implemented before it enters the agent's context.
  • [COMMAND_EXECUTION]: The skill's scripts (recalc.py, thumbnail.py, pack.py, validate.py) frequently utilize subprocess.run to invoke system utilities such as soffice (LibreOffice), pandoc, pdftoppm, and pdftotext. These operations are required for the skill's primary functionality of document conversion and formula recalculation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 2, 2026, 05:15 PM