The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill defines a template that ingests untrusted user content (headlines, body copy, and speaker notes) and interpolates it into the generated HTML deck.
Ingestion points: Placeholder content and the speaker-notes script block within example.html.
Boundary markers: Absent. The skill does not provide specific instructions to the agent to delimit or ignore instructions within user-provided data.
Capability inventory: No capabilities for subprocess execution, local file system modification (outside the artifact), or network operations were identified in the provided files.
Sanitization: The skill relies on the agent's default generation logic; no explicit sanitization or escaping mechanisms are described for the external content.
[DATA_EXPOSURE]: The assets/deck-stage.js file uses window.postMessage with a wildcard * target origin to broadcast slide index changes. While this allows the deck to communicate with a parent window (e.g., for a speaker notes view), it exposes the current slide index to any listener if the generated HTML is embedded in a multi-origin environment.

html-ppt-zhangzara-peoples-platform