pptx-posters

Warn

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute multiple shell commands, including headless Chrome, LibreOffice, and local Python scripts. These commands utilize templates that interpolate user-provided research topics and content directly into shell arguments without sanitization, creating a surface for command injection.
  • [INDIRECT_PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted user content used to populate shell command templates and AI generation prompts.
      • Ingestion points: User-supplied research topics and content sections used in shell templates within SKILL.md.
      • Boundary markers: Absent; there are no delimiters or instructions to escape user content before interpolation.
      • Capability inventory: Subprocess execution via the Bash tool for calling Python scripts and system binaries.
      • Sanitization: Absent; the skill provides no validation or filtering logic for external input.
  • [DYNAMIC_EXECUTION]: The skill provides a Python code snippet using the python-pptx library and instructs the agent to generate and execute this script at runtime to create the final PowerPoint file.
  • [NO_CODE]: The skill references essential scripts, such as scripts/generate_schematic.py, which are not provided in the skill package. This results in a dependency on external or pre-configured environment components that are not verifiable.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 12, 2026, 08:28 AM