xlsx
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [Persistence Mechanisms] (MEDIUM): The script writes a StarBasic macro to the user's LibreOffice configuration directory (e.g., ~/.config/libreoffice/4/user/basic/Standard/Module1.xba). This modification persists across all future uses of LibreOffice on the system.
- [Dynamic Execution] (MEDIUM): The script programmatically generates XML-based macro code and writes it to the file system to be executed via a subprocess call to 'soffice'.
- [Command Execution] (LOW): The script uses subprocess.run to execute external binaries including 'soffice', 'timeout', and 'gtimeout'. While it passes arguments as a list to mitigate shell injection, the reliance on system-level binaries and path resolution presents a minor risk.
- [Indirect Prompt Injection] (LOW): The skill possesses an attack surface for indirect injection by processing untrusted Excel files using openpyxl and LibreOffice.
  - Ingestion points: filename argument processed in recalc.py.
  - Boundary markers: None (direct file ingestion).
  - Capability inventory: Subprocess execution (soffice), file writing (macro creation).
  - Sanitization: No specific sanitization of file content or structure before processing.
Audit Metadata