gpt-image2-ppt
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `subprocess.run` to execute local commands such as `libreoffice` or `docker` for converting PPTX templates into images. These executions are performed using list-based arguments, which effectively mitigates shell injection vulnerabilities.
- [COMMAND_EXECUTION]: An optional backend allows the skill to shell out to the `codex` CLI for image generation. This process is handled using `shlex` for command parsing and list-based execution to maintain security.
- [EXTERNAL_DOWNLOADS]: The skill downloads generated images from the user-configured OpenAI API or compatible relay. It includes security measures such as protocol validation (restricting downloads to HTTP/HTTPS) and a 50MB file size limit to prevent resource exhaustion or malicious file delivery.
- [CREDENTIALS_UNSAFE]: API keys are managed through `.env` files stored in specific, scoped locations relative to the skill's installation. This design prevents the skill from accidentally reading unrelated environment variables or secrets from other project directories.
- [SAFE]: The skill processes user-supplied text and template files to generate prompts for external APIs. While this creates an inherent surface for indirect prompt injection (where instructions hidden in a template might influence the generator), the risk is typical for AI-integrated tools and no malicious implementation or bypass logic was detected.
Audit Metadata