xlsx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The script executes LibreOffice via
subprocess.runusing argument lists, which effectively prevents command injection. - [DYNAMIC_EXECUTION] (SAFE): The skill creates a StarBasic macro in the application's configuration directory. The macro is hardcoded, performs only necessary recalculation tasks, and is managed with checks to prevent data loss.
- [DATA_EXPOSURE] (SAFE): The skill interacts only with the provided Excel file and its own configuration files; no sensitive system data access or external network exfiltration was found.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes Excel data but only extracts error locations and types, minimizing the risk of instructions embedded in spreadsheets affecting the agent.
Audit Metadata