Skills
skills/ameen-alam/ai-400-class/xlsx/Gen Agent Trust Hub

xlsx

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The recalc.py script invokes the soffice (LibreOffice) binary via subprocess.run to perform headless formula recalculations. It also interacts with system utilities like timeout or gtimeout for process management.
  • [COMMAND_EXECUTION]: The script dynamically creates and persists a LibreOffice Basic macro file (Module1.xba) in the user's local application configuration directory to automate workbook recalculation.
  • [PROMPT_INJECTION]: The skill processes untrusted spreadsheet data, presenting an indirect prompt injection surface.
  • Ingestion points: External data enters through pandas.read_excel and openpyxl.load_workbook operations in SKILL.md examples and recalc.py.
  • Boundary markers: The skill logic does not include specific delimiters or warnings to ignore instructions embedded within the spreadsheet data.
  • Capability inventory: The skill has capabilities for file system operations and command execution via the recalc.py script.
  • Sanitization: No sanitization or validation of the retrieved cell content is implemented to prevent processing of malicious instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 04:44 AM