The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing untrusted data from active presentations.
Ingestion points: The agent reads data via wps_get_active_presentation, getTextBoxes, getSlideTitle, and getSlideNotes from active PPT files.
Boundary markers: No explicit instructions or delimiters are provided to the agent to ignore instructions embedded within the processed presentation content.
Capability inventory: The skill utilizes wps_execute_method to perform high-capability actions such as openPresentation, addPptHyperlink, and insertPptImage within the WPS environment.
Sanitization: No input validation or sanitization mechanisms are defined for the content extracted from slides before it is processed by the agent.
[EXTERNAL_DOWNLOADS]: The skill provides functionality to interact with external resources through standard presentation features.
Evidence: Methods such as setBackgroundImage, insertPptImage, and addPptHyperlink allow for the inclusion of external URLs or local file paths. These are documented as standard features for the intended purpose of the skill.

wps-ppt