Skills
skills/dedalus-erp-pas/foundation-skills/xlsx/Gen Agent Trust Hub

xlsx

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The helper script recalc.py generates a StarBasic macro file and invokes the soffice (LibreOffice) binary via subprocess.run to recalculate workbook formulas. This is a primary function of the skill and is required for accurate spreadsheet output.
  • [PROMPT_INJECTION]: The skill is designed to analyze and modify external spreadsheet files (.xlsx, .csv, .tsv), which presents an attack surface for indirect prompt injection.
  • Ingestion points: Untrusted data enters the agent context through pd.read_excel and load_workbook operations in SKILL.md and recalc.py.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used to separate user-provided data from agent instructions.
  • Capability inventory: The skill can write files to the local system and execute commands via the LibreOffice recalculation script.
  • Sanitization: The skill does not perform validation or sanitization of data retrieved from spreadsheet cells before it is processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 11:33 PM