html-presentation
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) as it processes untrusted user-supplied documents into executable HTML code without explicit sanitization.
  - Ingestion points: The skill reads source documents or provided content as described in `SKILL.md` (Step 1).
  - Boundary markers: No explicit delimiters or boundary markers are defined to separate instruction from untrusted data.
  - Capability inventory: The agent has the capability to write HTML files (e.g., `presentation.html`) and include script/style tags.
  - Sanitization: The instructions lack any requirement to sanitize or escape HTML or JavaScript content from the source document before inclusion.
- [EXTERNAL_DOWNLOADS]: The skill fetches necessary presentation and icon libraries from well-known services, specifically loading Reveal.js from `cdn.jsdelivr.net`, Lucide icons from `unpkg.com`, and web fonts from `fonts.googleapis.com`.
Audit Metadata