xlsx

Warn

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/office/soffice.py dynamically generates C source code, compiles it using gcc at runtime, and injects the resulting shared library into the soffice process via the LD_PRELOAD environment variable. This is a high-risk technique for process hijacking and dynamic code execution.
  • [COMMAND_EXECUTION]: The scripts/recalc.py script establishes persistence and modifies application behavior by writing a custom LibreOffice Basic macro (Module1.xba) into the user's local configuration directory.
  • [COMMAND_EXECUTION]: Several utility scripts execute system-level commands via the subprocess module, including gcc for compilation, soffice for application execution, and git for differencing.
  • [PROMPT_INJECTION]: The skill has a large attack surface for indirect prompt injection (Category 8).
      • Ingestion points: Spreadsheet data is ingested through pandas.read_excel and openpyxl.load_workbook as shown in SKILL.md.
      • Boundary markers: There are no explicit delimiters or instructions to the agent to ignore embedded commands in the source files.
      • Capability inventory: The skill possesses high-privilege capabilities including arbitrary file system writes and subprocess command execution.
      • Sanitization: Data from spreadsheet cells is processed without explicit sanitization or validation before being integrated into the workflow.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 5, 2026, 11:41 AM