The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/office/soffice.py implements a compatibility workaround by writing C source code to a temporary file and compiling it at runtime using gcc. The resulting shared library is then injected into the soffice process using the LD_PRELOAD environment variable. While this is used to bypass environment-specific socket restrictions for LibreOffice, it is a high-privilege technique for dynamic code execution.
[COMMAND_EXECUTION]: Multiple scripts, including scripts/thumbnail.py, scripts/office/soffice.py, and scripts/office/validators/redlining.py, utilize the subprocess.run function to execute system commands such as soffice, pdftoppm, git, and gcc. These operations are essential for the skill's primary functions of document conversion, visual preview generation, and change tracking.
[PROMPT_INJECTION]: The skill ingests external data from .pptx files during the unpacking and analysis phases (e.g., in scripts/office/unpack.py). This creates a vulnerability to indirect prompt injection, as text extracted from malicious presentations could contain instructions designed to influence the agent's behavior. The current instructions do not explicitly mandate the use of boundary markers or instructions to ignore embedded commands when processing extracted content.

pptx