frontend-slides

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill mentions and utilizes well-known third-party libraries such as 'python-pptx' for PowerPoint content extraction and 'playwright' for automated viewport overflow validation. These are standard tools in the developer ecosystem.
  • [COMMAND_EXECUTION]: The skill executes a local Python script ('validate-slides.py') to ensure structural integrity of the generated HTML. It also uses standard OS-level commands ('open', 'xdg-open', 'start') to open the final presentation for the user. It performs a cleanup operation by deleting a temporary design directory ('.design/slide-previews/') used during the style selection process.
  • [DATA_EXFILTRATION]: No evidence of unauthorized data access or network-based exfiltration was found. The skill operates on local file paths for reading content and writing the final presentation.
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits a potential attack surface by ingesting external content from user-provided '.pptx' or '.html' files.
      • Ingestion points: Reads content from PowerPoint files and existing HTML decks in Phase 1.
      • Boundary markers: None explicitly defined to distinguish between user data and instructions.
      • Capability inventory: The agent has access to the 'Bash' tool, can execute local scripts, and can perform file system operations (read/write/delete).
      • Sanitization: Content is processed through extraction libraries ('python-pptx'), which limits the risk of direct command injection but does not prevent instruction-based manipulation. Given that the skill primarily focuses on stylistic transformation and structural layout, this surface presents a low risk in its intended use case.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 12:34 PM