xlsx
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The recalc.py script utilizes subprocess.run to invoke the soffice command and system timeout utilities to manage headless spreadsheet processing tasks.
- [SAFE]: All external libraries referenced, such as pandas and openpyxl, are well-known, standard packages for data analysis and Excel manipulation.
- [PROMPT_INJECTION]: The skill handles external data from spreadsheets which presents an indirect prompt injection surface.
- Ingestion points: Spreadsheets are read into memory via pandas and openpyxl.
- Boundary markers: No specific delimiters are defined to isolate data from instructions.
- Capability inventory: The skill can modify local files and execute the LibreOffice binary.
- Sanitization: Input content is processed without explicit validation for embedded commands.
Audit Metadata