ppt-agent

Warn

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill automatically installs multiple software packages and binaries during its execution cycle.
      • It uses npm install to download and install puppeteer, dom-to-svg, and esbuild at runtime within the script execution flow.
      • It triggers the download of the Chromium browser binary through Puppeteer's installation process.
      • It uses pip install to install Python libraries including python-pptx, lxml, and Pillow during the transformation pipeline step.
  • [COMMAND_EXECUTION]: The skill uses dynamic code generation and subprocess calls to manage its processing workflow.
      • Scripts html2png.py and html2svg.py generate temporary Node.js files containing logic for screenshotting and DOM manipulation, which are then executed via subprocess.run using the node runtime.
      • Subprocesses are used to invoke package managers (npm, pip, npx) and system-level utilities (pdf2svg).
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for Indirect Prompt Injection (Category 8) due to its data ingestion and capability set.
      • Ingestion points: The skill ingests untrusted data from web search results (Step 2) and user-provided source materials (Step 1) directly into the agent's reasoning context.
      • Boundary markers: There are no explicit boundary markers or security instructions used to isolate external content from the agent's core instructions.
      • Capability inventory: The skill possesses significant capabilities including file system writes (png2pptx.py), local file reads and base64 conversion of images (html2svg.py), and shell command execution through generated Node.js scripts.
      • Sanitization: No sanitization or safety-filtering is applied to external data before it is interpolated into prompts or used to drive code generation.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 2, 2026, 04:04 PM