skills/m4n5ter/skills/docx/Gen Agent Trust Hub

docx

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script ooxml/scripts/pack.py uses subprocess.run to call the soffice (LibreOffice) command-line utility. This is used as a validation step to verify that generated .docx, .pptx, or .xlsx files are valid and can be successfully converted to HTML.
  • [COMMAND_EXECUTION]: The script ooxml/scripts/validation/redlining.py uses subprocess.run to execute git diff with word-diff and character-level precision. This is a benign utility function designed to provide detailed feedback during the validation of tracked changes.
  • [EXTERNAL_DOWNLOADS]: The SKILL.md documentation includes instructions for users to install necessary system-level dependencies such as pandoc, libreoffice, and poppler-utils via apt-get, as well as standard libraries like defusedxml via pip and docx via npm.
  • [SAFE]: The skill demonstrates strong security awareness by consistently using the defusedxml library for parsing all Office XML components in scripts/document.py, ooxml/scripts/pack.py, and ooxml/scripts/unpack.py. This implementation directly mitigates common XML-based attacks including XML External Entity (XXE) injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 06:28 AM