ppt-agent

Warn

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Multiple subagent prompt templates, including those for outline generation (tpl-outline-orchestrator.md) and page planning (tpl-page-orchestrator.md), use the marker '【系统级强制指令 / CRITICAL OVERRIDE】'. This phrasing matches patterns used to bypass or override standard AI safety and behavior constraints.
  • [COMMAND_EXECUTION]: Several Python utility scripts (html2svg.py, html2png.py, gallery.py, and subagent_logger.py) execute shell commands using subprocess.run and subprocess.Popen. These calls are used to invoke system binaries such as node, npm, npx, and python3 to manage the rendering pipeline and dependencies.
  • [EXTERNAL_DOWNLOADS]: The conversion and gallery scripts are programmed to automatically execute 'npm install puppeteer' and 'npm install dom-to-svg' if the packages are not present in the environment. This runtime installation of external code from a public registry introduces supply chain risks.
  • [COMMAND_EXECUTION]: The skill employs a pattern of dynamically generating JavaScript source files at runtime (e.g., .dom2svg_tmp.js, .html2png_tmp.js) and subsequently executing them with Node.js to perform DOM manipulation and capture screenshots.
  • [EXTERNAL_DOWNLOADS]: In html2svg.py, the skill uses 'npx -y esbuild', which forces the installation and execution of the esbuild package without requiring manual user confirmation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 16, 2026, 04:36 PM
Security Audit — agent-trust-hub — ppt-agent