pptx

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs subprocess.run to execute system commands for document conversion using libreoffice and pdftoppm. These executions are performed using argument lists, which mitigate shell injection risks.
  • [EXTERNAL_DOWNLOADS]: The skill references standard, well-known dependencies such as python-pptx and Pillow, as well as system packages like libreoffice and poppler-utils. These are appropriate for the skill's stated purpose and come from trusted ecosystems.
  • [DATA_EXFILTRATION]: The skill facilitates reading content from local files and writing extracted data (images, text) back to the local file system. No suspicious external network activity or exfiltration of sensitive system files was observed.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it reads and processes text from external PowerPoint files. While this could lead to the agent interpreting data as instructions, it is a standard behavior for document analysis tools.
      • Ingestion points: Python snippets in SKILL.md reading user-provided .pptx files.
      • Boundary markers: Not explicitly implemented in the provided code snippets.
      • Capability inventory: Local file writing and system command execution via subprocess.run.
      • Sanitization: No explicit sanitization of extracted text is shown in the examples.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 07:45 PM