The Agent Skills Directory

COMMAND_EXECUTION (SAFE): The skill uses external tools for document validation in a secure manner.
Evidence: ooxml/scripts/pack.py calls soffice (LibreOffice) using subprocess.run with a list of arguments.
Security: By passing arguments as a list rather than a single string, the code prevents shell injection vulnerabilities.
XML Security (SAFE): The skill processes untrusted XML data found within Office files using hardened libraries.
Evidence: ooxml/scripts/unpack.py and ooxml/scripts/pack.py utilize defusedxml.minidom for parsing.
Security: Use of defusedxml mitigates XML External Entity (XXE) and Billion Laughs denial-of-service attacks by disabling entity expansion.
Indirect Prompt Injection (SAFE): Analysis of the attack surface for untrusted document processing.
Ingestion points: ooxml/scripts/unpack.py reads and extracts contents from external Office documents.
Boundary markers: Not applicable as the skill primarily performs programmatic structural transformations rather than LLM prompt construction.
Capability inventory: File system access (read/write) in rearrange.py and pack.py, and subprocess execution for conversion in pack.py.
Sanitization: XML parsing is secured via defusedxml, and file paths are handled using the pathlib library to prevent directory traversal.

pptx