skills/thinkinaixyz/deepchat/docx/Gen Agent Trust Hub

docx

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [Command Execution] (LOW): The pack.py script invokes the soffice (LibreOffice) binary via subprocess.run to validate document integrity. This is an intended functional requirement and uses a fixed command structure with local file paths.
  • [Indirect Prompt Injection] (LOW): The skill processes untrusted OOXML data which could potentially contain malicious payloads.
      • Ingestion points: XML files are extracted and parsed in ooxml/scripts/unpack.py and ooxml/scripts/validation/docx.py.
      • Boundary markers: No explicit delimiters or instructions are used to separate data from commands.
      • Capability inventory: The skill can execute the soffice binary on generated files.
      • Sanitization: The use of the defusedxml library in pack.py and unpack.py significantly mitigates risks associated with XML External Entity (XXE) attacks.
  • [External Downloads / Dependencies] (SAFE): The skill depends on standard Python packages (lxml, defusedxml) and expects a local installation of soffice. No unauthorized remote code downloads or unverified third-party dependencies were identified.
  • [Data Exposure] (SAFE): No evidence of hardcoded credentials, unauthorized access to sensitive system files (e.g., SSH keys), or suspicious network operations was found.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:13 PM