The Agent Skills Directory

[SAFE]: No malicious behavior or high-risk patterns were detected. The skill correctly implements security measures for processing Office XML formats, specifically using the defusedxml library in unpack.py and pack.py to prevent XML External Entity (XXE) attacks.\n- [COMMAND_EXECUTION]: The skill uses subprocess.run to call legitimate system utilities including soffice (LibreOffice), pdftoppm (Poppler), and git. These calls are executed safely with list-based arguments and are strictly relevant to the skill's purpose of document conversion and validation.\n- [EXTERNAL_DOWNLOADS]: The skill relies on well-known and reputable libraries such as playwright, sharp, and pptxgenjs. All dependencies are appropriate for the task and no suspicious remote code execution patterns were identified.\n- [DATA_EXFILTRATION]: Analysis confirms that no sensitive data (e.g., credentials or environment variables) is accessed or transmitted to external domains. Network activity is confined to local browser rendering for HTML-based slide generation.

anthropic-pptx