xlsx
Warn
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: Runtime C compilation and process injection in `scripts/office/soffice.py`. The script writes C source code to a temporary file, invokes `gcc` to compile it into a shared library, and uses the `LD_PRELOAD` environment variable to inject the library into the `soffice` (LibreOffice) process. This is designed as a technical workaround for environments where AF_UNIX sockets are blocked.
- [COMMAND_EXECUTION]: Automated application configuration and macro execution in `scripts/recalc.py`. The script automatically creates a StarBasic macro (`Module1.xba`) in the user's LibreOffice configuration directory and executes it to recalculate formulas in Excel workbooks.
- [PROMPT_INJECTION]: Surface for indirect prompt injection via untrusted spreadsheet data. The skill ingests external data from `.xlsx`, `.xlsm`, `.csv`, and `.tsv` files using `pandas` and `openpyxl`. Since the agent context includes file system access and subprocess execution (`soffice`, `gcc`), malicious instructions embedded in spreadsheet content could potentially influence agent behavior if not properly sanitized.
Audit Metadata