Skills
skills/aiskillstore/marketplace/xlsx/Gen Agent Trust Hub

xlsx

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • COMMAND_EXECUTION (SAFE): The recalc.py script uses subprocess.run to call soffice. Commands are constructed using argument lists rather than shell strings, which effectively mitigates shell injection risks. The usage of gtimeout or timeout is a standard practice for managing external process execution.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted Excel data which could contain malicious instructions.
  • Ingestion points: Files processed via load_workbook and recalc(filename) in recalc.py.
  • Boundary markers: Not explicitly defined in the script's logic when reading cell values.
  • Capability inventory: Subprocess execution of LibreOffice and filesystem write access to the LibreOffice configuration directory.
  • Sanitization: The script specifically filters for known Excel error strings (e.g., #REF!, #VALUE!) but does not sanitize cell content before processing.
  • PRIVILEGE_ESCALATION (SAFE): While the script writes to the user's application configuration directory (~/.config/libreoffice or ~/Library/Application Support/), this is a standard requirement for configuring LibreOffice macros and does not involve sudo or unauthorized permission changes.
  • EXTERNAL_DOWNLOADS (SAFE): The skill is associated with the anthropics organization, which is a Trusted External Source according to the [TRUST-SCOPE-RULE].
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:27 PM