skills/nextlevelbuilder/goclaw/docx/Gen Agent Trust Hub

docx

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses system binaries to perform document conversions and manage tracked changes.
      • Evidence: The script scripts/accept_changes.py executes the soffice binary (LibreOffice) using subprocess.run.
      • Context: The execution is handled securely by passing arguments as a list, which avoids the risks associated with shell interpolation.
  • [EXTERNAL_DOWNLOADS]: The skill requires several well-known industry-standard tools and libraries to be installed.
      • Evidence: Mentions dependencies on pandoc, LibreOffice, Poppler, and the docx package from the official npm registry.
      • Context: These tools originate from well-known services and are standard requirements for the skill's document processing functionality.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it processes untrusted content from external Word documents.
      • Ingestion points: External document content is ingested via pandoc or by unpacking XML files as described in SKILL.md.
      • Boundary markers: There are no explicit delimiters defined in the instructions to isolate document text from the agent's instructional context.
      • Capability inventory: The skill possesses the capability to execute subprocesses in scripts/accept_changes.py and perform file-system writes in scripts/comment.py and scripts/office/pack.py.
      • Sanitization: The skill mitigates XML-based injection risks (such as XXE) by using the defusedxml library in scripts/comment.py.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 15, 2026, 12:06 PM