xlsx
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The script uses subprocess.run in recalc.py to invoke system binaries including soffice (LibreOffice), timeout, and gtimeout. While it avoids shell=True, it relies on external system-level execution capabilities.
- DYNAMIC_EXECUTION (MEDIUM): The script dynamically generates a StarBasic macro file (Module1.xba) and writes it to the user's application configuration directory (~/Library/Application Support/LibreOffice/4/user/basic/Standard or ~/.config/libreoffice/4/user/basic/Standard). It subsequently executes this generated code via the vnd.sun.star.script URI. This pattern modifies the local application environment and introduces runtime-generated executable logic.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted Excel files which serves as an attack surface for indirect injection.
  - Ingestion points: recalc.py accepts a filename via sys.argv[1] and parses it using openpyxl.
  - Boundary markers: None present.
  - Capability inventory: The script can execute system commands and modify application configuration files.
  - Sanitization: There is no validation of the filename or cell content before it is passed to subprocesses or processed by the macro engine.
Audit Metadata