The Agent Skills Directory

[DYNAMIC_EXECUTION]: In scripts/office/soffice.py, the skill performs runtime compilation of a C-based library and uses LD_PRELOAD to inject it into the soffice process. This shim intercepts system calls such as socket, listen, and accept to enable functionality in environments where AF_UNIX sockets are restricted.
[COMMAND_EXECUTION]: The skill executes multiple local binaries including soffice for document manipulation and conversion, gcc for compiling the environment shim, pandoc for text extraction, and pdftoppm for rendering images.
[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted document data, creating a potential surface for indirect prompt injection. Ingestion points: Untrusted data enters the agent context through scripts/office/unpack.py during document extraction. Boundary markers: The instructions recommend using specific author markers (e.g., 'Claude') to delineate agent-generated content. Capability inventory: The skill possesses capabilities for subprocess execution (soffice.py, accept_changes.py) and extensive file system write access (pack.py). Sanitization: Security is enhanced by the consistent use of defusedxml for XML parsing to prevent standard XML vulnerabilities.

docx