pptx

Fail

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: HIGH | COMMAND_EXECUTION | DATA_EXFILTRATION | EXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The scripts/unpack.py script uses the standard zipfile.ZipFile().extractall() method on user-supplied PowerPoint files. This method does not perform path validation on entries within the archive, making it vulnerable to directory traversal attacks (ZipSlip). A malicious .pptx file could include filenames with ../ sequences to overwrite critical files (like .bashrc or SSH configurations) outside the working directory, potentially leading to data theft or system persistence.
  • [COMMAND_EXECUTION]: Several components of the skill execute system binaries and launch external processes.
      • scripts/thumbnail.py and references/ooxml/scripts/pack.py invoke soffice (LibreOffice) and pdftoppm (Poppler) to handle document conversions.
      • references/ooxml/scripts/validation/redlining.py executes git diff for content comparison.
      • scripts/html2pptx.js uses the Playwright library to launch a Chromium browser to render local HTML slides, introducing the attack surface of a full browser environment.
  • [EXTERNAL_DOWNLOADS]: The skill requires several dependencies from external registries, including well-known packages such as playwright, markitdown, and sharp. While these originate from established organizations, their installation and execution occur as part of the skill's operation.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 20, 2026, 07:13 AM