The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The documentation provides instructions for the manual installation of standard system dependencies and libraries required for document processing, including pandoc, the docx Node.js package, LibreOffice, Poppler, and the defusedxml Python library. These are reputable tools from trusted organizations.
[COMMAND_EXECUTION]: The skill utilizes several well-known command-line utilities to perform document operations: 1. Uses 'soffice' (LibreOffice) in ooxml/scripts/pack.py to validate document integrity through headless conversion. 2. Uses 'git diff' in ooxml/scripts/validation/redlining.py to facilitate precise comparison of document versions. 3. Utilizes pandoc and pdftoppm for text extraction and image rendering as described in the workflow instructions. All commands are executed on local files generated or provided during the session.
[PROMPT_INJECTION]: As a document processing tool, the skill has an inherent surface for indirect prompt injection from user-provided files. Evidence Chain: 1. Ingestion points: Files are unpacked using ooxml/scripts/unpack.py and read via scripts/utilities.py. 2. Boundary markers: The skill instructions provide clear structural guidance and batching workflows. 3. Capability inventory: Includes file system access, ZIP processing, and subprocess execution for conversion. 4. Sanitization: The skill explicitly uses the defusedxml library for all XML parsing tasks to neutralize XML External Entity (XXE) vulnerabilities.

docx