ppt-agent

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: Several scripts in the scripts/ directory (html2png.py, html2svg.py, milestone_check.py, and smoke_skill.py) utilize subprocess.run to execute shell commands. These operations are used to manage Node.js processes for browser-based rendering and to run internal Python validation tools, which are essential for the skill's document generation functionality.
  • [EXTERNAL_DOWNLOADS]: The rendering scripts (html2png.py and html2svg.py) perform runtime installation of well-known NPM packages, including puppeteer, dom-to-svg, and esbuild, from the official NPM registry. These are legitimate dependencies used for converting HTML slides into PNG and SVG formats.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) as it ingests data from external web searches and user-provided documents.
      • Ingestion points: requirements-interview.txt (user input), search.txt (web search results), and source-brief.txt (user materials).
      • Boundary markers: The system uses {{VAR}} delimiters within markdown templates to separate instructions from data.
      • Capability inventory: The skill has the capability to execute shell commands and write files through its conversion and validation scripts.
      • Sanitization: There is no explicit sanitization of injected variables in prompt_harness.py. However, the risk is mitigated by the architecture's strict subagent phase isolation and the specific document-generation purpose of the conversion tools.

Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 06:06 AM