xlsx

Fail

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform operations with elevated privileges using sudo to install system dependencies (sudo apt-get install python3-pip libreoffice gnumeric). Execution of sudo commands by an AI agent represents a high-risk privilege escalation vector.
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs several Python packages (openpyxl, pandas, xlrd, xlsxwriter) and system software (libreoffice, gnumeric) from official package registries and well-known repositories using package managers (pip, apt, brew).
  • [PROMPT_INJECTION]: The skill is designed to process untrusted data from Excel and CSV files, making it susceptible to indirect prompt injection attacks where malicious content in a spreadsheet could attempt to manipulate agent logic.
  • Ingestion points: External data is loaded into the agent's context from .xlsx, .xls, and .csv files using pandas.read_excel() and openpyxl.load_workbook().
  • Boundary markers: No specific delimiters or boundary instructions are defined to separate untrusted spreadsheet data from agent instructions.
  • Capability inventory: The skill utilizes the bash tool for command execution and the write_file tool, which could be leveraged by successful injection payloads.
  • Sanitization: While the 'Security Notes' section suggests sanitizing formulas and validating paths, the provided code snippets do not contain actual sanitization or validation logic.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 1, 2026, 07:45 PM