skills/zrong/skills/tencent-docs/Gen Agent Trust Hub

tencent-docs

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE [REMOTE_CODE_EXECUTION] [COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS] [PROMPT_INJECTION]
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The sheet.operation_sheet tool (defined in sheet/api/operation-api.md) allows the agent to generate and execute JavaScript code on the Tencent Docs platform. This is a high-capability feature that executes AI-generated logic against remote spreadsheet APIs.
  • [COMMAND_EXECUTION]: The skill uses local shell scripts (setup.sh, import_file.sh) and a Node.js utility (generate_slide.js) to manage tokens, perform file uploads, and handle asynchronous PPT generation. These scripts interact with the system environment and the mcporter CLI tool.
  • [EXTERNAL_DOWNLOADS]: The setup.sh script performs a global installation of the mcporter Node.js package. The skill also facilitates authentication by fetching tokens from docs.qq.com and uploading files to cloud storage URLs.
  • [PROMPT_INJECTION]: The skill has multiple prompt injection surfaces. First, the js-script-rule.md file contains defensive instructions against behavior overrides. Second, the scrape_url workflow ingests untrusted external content from the web into the agent's context without explicit sanitization or boundary markers (Category 8), potentially allowing indirect injection from malicious websites.
Audit Metadata
Risk Level: SAFE
Analyzed: May 19, 2026, 07:25 AM