powerpoint
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- Dependency Installation: The documentation provides setup instructions for the uv package manager, a standard tool in the Python ecosystem. These instructions involve downloading an installer from the tool's official domain (astral.sh), which is an accepted practice for environment configuration.
- Sandboxed Script Execution: For advanced slide drawing, the skill can execute local Python scripts (content-extra.py). It employs an AST-based validator to proactively block dangerous functions and restricts the execution environment to a safe set of built-ins, reducing the potential risk associated with dynamic code execution.
- Hardened Image and XML Handling: The skill demonstrates security awareness by using a hardened XML parser for processing SVG images, which protects against XML External Entity (XXE) attacks. Additionally, it performs magic-byte validation when extracting legacy image formats to ensure file integrity.
Audit Metadata