The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes subprocess.run to call external system tools like ffmpeg (for media processing) and soffice (for Word-to-PDF conversion). These calls are performed using argument lists rather than shell strings, following security best practices to prevent injection. \n- [COMMAND_EXECUTION]: The check_deps.py script uses subprocess.check_call to run pip install for dependency management. This action is gated behind an interactive prompt requiring user consent. \n- [EXTERNAL_DOWNLOADS]: The skill includes functionality to download necessary libraries from the official Python Package Index (PyPI) to ensure required tools are available for document and media processing. \n- [DYNAMIC_EXECUTION]: The skill uses importlib and __import__ to dynamically verify dependency availability and to load local integration modules for Feishu. This logic is restricted to local paths and standard library checks. \n- [INDIRECT_PROMPT_INJECTION]: While the skill processes untrusted document content, it relies on standard parsing libraries such as pdfplumber, pandas, and python-docx to extract text and data safely.

document-hub