office-quotes
Pass
Audited by ClawScan on Feb 11, 2026.
Overview
The skill's code, install, and runtime behavior are consistent with a quote/thumbnail generator that can operate offline or call a third‑party Office Quotes API; nothing in the bundle appears to be trying to access unrelated secrets or system credentials.
This skill appears to do what it claims (produce quotes and images). Before installing, consider:
1) It can call a third-party API (officeapi.akashrajpurohit.com). Don't use it if you need strictly offline operation; use the local mode instead.
2) Converting SVG→PNG may launch Playwright/Chromium and/or download browser binaries (resource and network activity). The SKILL.md doesn't document that extra step.
3) The Python helpers fetch arbitrary SVG URLs (they will make network requests to whatever URL you pass).
4) If you want extra assurance, review the npm package on the public registry and the referenced GitHub repo (github.com/gumadeiras/office-quotes-cli) and inspect the package.json/dependencies for unexpected telemetry or leftover tooling.
If you have strict network or resource policies, run in local/offline mode or audit the package and its dependencies first.
