xlsx
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The `recalc.py` script executes the local `soffice` (LibreOffice) binary to recalculate formulas. It programmatically creates a LibreOffice macro file in the user's application configuration directory to facilitate this process. This behavior is documented and consistent with the skill's stated purpose of handling complex spreadsheet formulas.
- [PROMPT_INJECTION]: The skill processes untrusted data from external spreadsheets, creating a potential vector for indirect prompt injection if malicious instructions are embedded within cells.
  - Ingestion points: The skill uses `pandas.read_excel` and `openpyxl.load_workbook` to read user-supplied Excel, CSV, and TSV files.
  - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are implemented to separate cell data from the agent's internal reasoning.
  - Capability inventory: The agent has permissions to write files to the filesystem and execute the `soffice` binary through the provided `recalc.py` script.
  - Sanitization: The skill lacks explicit sanitization or validation of spreadsheet content before it is incorporated into the agent's context.
Audit Metadata