ppt-render

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/chart-renderer.js file uses execSync with shell: true to execute the Mermaid CLI (mmdc). The command string is constructed using file paths that incorporate the meta.id field directly from slide Markdown frontmatter without sanitization. This pattern allows for command injection if a malicious slide file with a specially crafted ID is processed.
  • [EXTERNAL_DOWNLOADS]: The SKILL.md documentation specifies that users must install the @mermaid-js/mermaid-cli package globally via NPM to enable chart rendering functionality.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests and processes untrusted data from .slide.md files that could contain malicious instructions for the agent.
      • Ingestion points: scripts/slide-parser.js reads and parses user-provided Markdown files.
      • Boundary markers: Absent. No delimiters or instructions are used to separate slide content from rendering logic.
      • Capability inventory: The skill can execute system commands (execSync) and write to the local file system.
      • Sanitization: Absent. Content and metadata like meta.id are used directly in the processing pipeline without validation or escaping.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 05:31 PM