elite-powerpoint-designer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (LOW): The `scripts/analyze_content.py` script processes user-supplied markdown files, creating a vulnerability surface for indirect prompt injection.
  - Ingestion points: The script reads raw markdown content from user-specified file paths.
  - Boundary markers: No delimiters or safety warnings are included in the extracted structure.
  - Capability inventory: The skill is designed to work with a PowerPoint MCP server to generate and modify files based on the extracted content.
  - Sanitization: The script performs regex-based extraction of headers, bullets, and metrics without sanitizing or escaping the text before it is returned to the agent context.
- [Unverifiable Dependencies] (LOW): The skill documentation suggests installing `python-pptx`, `pillow`, and `pyyaml` without version pinning. While these are reputable libraries, unversioned dependencies from non-trusted sources (per the analysis guidelines) represent a minor supply chain risk.
Audit Metadata