xlsx
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The recalc.py utility script uses subprocess.run to execute the soffice (LibreOffice) binary in headless mode to recalculate spreadsheet formulas.
- [DYNAMIC_EXECUTION]: To automate LibreOffice, recalc.py dynamically writes a LibreOffice Basic macro (Module1.xba) to the user's local application configuration directory (~/.config/libreoffice or ~/Library/Application Support/LibreOffice). The macro follows a static, hardcoded template designed solely for calculation and saving.
- [INDIRECT_PROMPT_INJECTION]:
  - Ingestion points: The skill processes external data from spreadsheet files (.xlsx, .xlsm, .csv, .tsv) via the pandas and openpyxl libraries.
  - Boundary markers: No specific delimiters or boundary markers are defined in the instructions for handling untrusted cell content.
  - Capability inventory: Includes filesystem read/write access and the ability to execute the soffice command via subprocess.
  - Sanitization: There is no evidence of content sanitization or validation performed on the data read from spreadsheets before it is returned to the agent's context.
Audit Metadata