agent-sheet
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: During installation, the skill fetches the 'agent-sheet' package from the npm registry, which is an official tool provided by the vendor 'dream-num'.
- [COMMAND_EXECUTION]: The skill uses several command-line utilities including 'agent-sheet', 'awk', 'sed', and 'python3' to perform workbook inspections, data transformations, and file operations.
- [REMOTE_CODE_EXECUTION]: The 'agent-sheet run' command allows for the execution of JavaScript code snippets within the spreadsheet engine to handle complex logic, formatting, and structural changes.
- [REMOTE_CODE_EXECUTION]: Multiple example workflows utilize Python scripts via heredocs to perform structured data verification and metadata parsing after workbook mutations.
- [PROMPT_INJECTION]: The skill processes untrusted external content by importing XLSX files and reading CSV/TSV data, presenting a potential surface for indirect prompt injection.
- Ingestion points: 'file import' and 'pipe in' commands defined in SKILL.md and playbooks/01-getting-started.md.
- Boundary markers: Not present; instructions do not specify the use of delimiters or 'ignore' warnings for workbook content.
- Capability inventory: Includes arbitrary command execution (awk, python) and programmable JavaScript execution (agent-sheet run) across all playbooks.
- Sanitization: No explicit sanitization or filtering of external workbook content is implemented before processing.
Audit Metadata