Gen Agent Trust Hub: skills/nicepkg/ai-workflow/docx

docx

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Category: COMMAND_EXECUTION
Full Analysis
  • COMMAND_EXECUTION (SAFE): ooxml/scripts/pack.py calls soffice through subprocess.run to validate the packed document. The invocation is limited to a headless conversion to HTML, carries a 10-second timeout, and passes a fixed argument list, so the document path reaches soffice as a single argument and cannot introduce additional commands. That is an appropriate way to verify that the packed file still opens as a document.
  • DATA_EXFILTRATION (SAFE): The skill parses with defusedxml in ooxml/scripts/unpack.py and ooxml/scripts/pack.py, which blocks XML External Entity (XXE) and entity-expansion attacks by refusing documents that declare entities or reference external resources rather than by rewriting them. The lxml parser used in ooxml/scripts/validation/docx.py has no such protection on its own, but in this workflow the validator only sees XML that defusedxml has already accepted during unpacking; that guarantee holds only as long as the validator is never pointed at XML that skipped the unpack step.
  • INDIRECT_PROMPT_INJECTION (LOW): As a tool designed to extract and process data from external documents, the skill serves as an ingestion point for indirect prompt injection.
      • Ingestion points: ooxml/scripts/unpack.py (extracts XML from .docx, .pptx, and .xlsx files).
      • Boundary markers: None; the extracted XML is returned to the agent verbatim, with nothing marking it as untrusted document content.
      • Capability inventory: Reading and writing to the file system and converting documents via soffice.
      • Sanitization: The skill mitigates structural XML risks using the defusedxml library.
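The COMMAND_EXECUTION finding turns on one detail: subprocess.run with an argument list and a timeout, never a shell string. The block below is an added example written for this page, not code from ooxml/scripts/pack.py; the function names, the binary parameter and the hostile filename are assumptions made for the demonstration. It shows the safe invocation beside the string-built command that pack.py avoids, and how the timeout and a missing binary are handled.

```python
import shlex
import subprocess
from pathlib import Path

# Hypothetical constant; the audit only states that the real call uses a 10-second timeout.
SOFFICE_TIMEOUT_SECONDS = 10


def build_soffice_argv(docx_path, outdir, binary="soffice"):
    """Fixed argument list for a headless DOCX -> HTML conversion.

    The document path is a single list element, so it reaches soffice as one
    argv entry whatever characters it contains; no shell ever parses it.
    """
    return [
        binary,
        "--headless",
        "--convert-to", "html",
        "--outdir", str(outdir),
        str(docx_path),
    ]


def unsafe_shell_command(docx_path, outdir):
    """The pattern pack.py avoids: a string destined for shell=True.

    A document named 'report.docx; rm -rf ~' turns into extra shell words.
    """
    return "soffice --headless --convert-to html --outdir %s %s" % (outdir, docx_path)


def shell_words(command):
    """How a POSIX shell would tokenise the string (shlex does not treat ';' as a separator,
    so the damage is visible even though a real shell would split further)."""
    return shlex.split(command)


def validate_with_soffice(docx_path, outdir, binary="soffice"):
    """Convert the document under a hard timeout; only a clean exit counts as valid.

    TimeoutExpired means soffice hung on the input, which is reported as
    'not valid' instead of blocking the run. A missing binary is an
    environment error and is raised, not silently treated as a pass.
    """
    argv = build_soffice_argv(docx_path, outdir, binary)
    try:
        result = subprocess.run(
            argv,
            capture_output=True,
            timeout=SOFFICE_TIMEOUT_SECONDS,
            check=False,
        )
    except subprocess.TimeoutExpired:
        return False
    except FileNotFoundError:
        raise RuntimeError("%s is not installed or not on PATH" % binary)
    return result.returncode == 0


if __name__ == "__main__":
    hostile = Path("report.docx; rm -rf ~")  # constructed hostile filename
    print(build_soffice_argv(hostile, Path("/tmp/out")))
    print(shell_words(unsafe_shell_command(hostile, Path("/tmp/out"))))
```

Two points the example makes concrete: the list form keeps the whole filename in one element, whereas the string form yields `rm -rf ~` as separate words; and a timeout is only useful if the caller treats TimeoutExpired as a failed validation, which is what the function does.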
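The DATA_EXFILTRATION finding rests on what defusedxml actually does: it refuses XML that declares entities or points at external resources, and raises instead of returning a tree. The block below is an added example, not code from unpack.py, pack.py or validation/docx.py, and it does not use defusedxml itself; it reproduces the same refuse-on-sight policy with the standard library's expat bindings so that it runs without the dependency. The sample documents and the function names are constructed for the demonstration. It goes slightly beyond defusedxml's defaults by rejecting any DOCTYPE, not only entity declarations.

```python
import xml.parsers.expat
from xml.etree import ElementTree as ET

# Constructed sample documents for this demonstration; none come from a real .docx.
BENIGN = (b'<?xml version="1.0"?>'
          b'<w:document xmlns:w="urn:example:wordml">'
          b'<w:body><w:t>hello</w:t></w:body></w:document>')
ENTITY_BOMB = (b'<?xml version="1.0"?>'
               b'<!DOCTYPE lol [<!ENTITY a "aaaa"><!ENTITY b "&a;&a;&a;&a;">]>'
               b'<root>&b;</root>')
XXE = (b'<?xml version="1.0"?>'
       b'<!DOCTYPE x [<!ENTITY xxe SYSTEM "file:///etc/hostname">]>'
       b'<root>&xxe;</root>')


class ForbiddenXML(ValueError):
    """Raised instead of parsing when a document carries a DOCTYPE or entity declaration."""


def naive_text(data):
    """Stock ElementTree: internal entities are expanded before the tree is handed back,
    so a handful of nested declarations can grow into megabytes of text."""
    return ET.fromstring(data).text


def refuse_dangerous_constructs(data):
    """Walk the document with expat and abort at the first DOCTYPE or entity declaration.

    This mirrors defusedxml's approach (raise, do not rewrite). Handlers that raise
    propagate their exception out of Parse(), so nothing after the offending
    declaration is ever processed.
    """
    parser = xml.parsers.expat.ParserCreate()

    def forbid_doctype(name, sysid, pubid, has_internal_subset):
        raise ForbiddenXML("DOCTYPE declaration not allowed: %s" % name)

    def forbid_entity(*_decl):
        raise ForbiddenXML("entity declaration not allowed")

    parser.StartDoctypeDeclHandler = forbid_doctype
    parser.EntityDeclHandler = forbid_entity
    parser.Parse(data, True)  # ForbiddenXML on policy violation, ExpatError if malformed


def parse_defused(data):
    """Build the tree only after the document has passed the policy check."""
    refuse_dangerous_constructs(data)
    return ET.fromstring(data)


def is_rejected(data):
    """True when the defused path refuses the document."""
    try:
        parse_defused(data)
    except ForbiddenXML:
        return True
    return False


if __name__ == "__main__":
    print("naive expansion:", naive_text(ENTITY_BOMB))
    for label, doc in (("benign", BENIGN), ("bomb", ENTITY_BOMB), ("xxe", XXE)):
        print(label, "rejected" if is_rejected(doc) else "accepted")
```

The contrast is the point of the finding: the naive parser returns sixteen characters from a four-character declaration and would keep scaling with each nesting level, while the defused path never builds the tree. If validation/docx.py is ever given XML that did not come out of unpack.py, the equivalent guard for lxml is its own parser options, `etree.XMLParser(resolve_entities=False, no_network=True, load_dtd=False)`; that is standard lxml configuration, not something the audit says the skill sets.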
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:52 PM