Skills
skills/dokhacgiakhoa/antigravity-ide/xlsx/Gen Agent Trust Hub

xlsx

Warn

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The recalc.py script executes the system binary soffice (LibreOffice) to perform headless formula recalculations.
  • [COMMAND_EXECUTION]: To support its recalculation feature, the script dynamically generates a StarBasic macro and writes it to the user's local LibreOffice configuration directory (e.g., ~/.config/libreoffice/4/user/basic/Standard/Module1.xba). This creates a persistent executable script on the filesystem.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes external spreadsheet data with high-privilege capabilities.
  • Ingestion points: Files are loaded using openpyxl and pandas as described in sub-skills/data-analysis-with-pandas.md and used by recalc.py.
  • Boundary markers: No boundary markers or instructions are provided to the agent to disregard instructions embedded in spreadsheet cells or formulas.
  • Capability inventory: The skill possesses the ability to execute system commands, write to configuration directories, and modify local files.
  • Sanitization: No evidence of data validation or sanitization of spreadsheet contents was found before processing.
  • [PROMPT_INJECTION]: The LICENSE.txt file claims copyright by Anthropic, PBC, which contradicts the author provided in the skill context (Dokhacgiakhoa), potentially misleading users about the origin and safety of the skill.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 4, 2026, 02:03 PM