frontend-slides

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes platform-specific shell commands (open on macOS, xdg-open on Linux, and start on Windows) to automatically open the generated HTML presentation files in the user's browser. While this is part of the primary workflow, execution of shell commands based on generated file paths requires careful handling of filenames to prevent command injection.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection through the processing of untrusted .ppt or .pptx files. Maliciously crafted presentation files could contain hidden instructions or scripts intended to manipulate the agent's behavior during the conversion process or to be embedded in the final HTML output.
      • Ingestion points: User-provided .ppt and .pptx files processed via Python (SKILL.md).
      • Boundary markers: None specified to distinguish between extracted content and agent instructions.
      • Capability inventory: Execution of Python scripts, file system write access, and system shell command execution.
      • Sanitization: No explicit sanitization or validation of extracted text is mentioned before it is interpolated into the HTML template.
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the python-pptx library if it is not already present on the system. While this is a standard and well-known library for PowerPoint manipulation, it represents an external dependency required at runtime.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 13, 2026, 12:38 AM