xlsx
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The recalc.py script uses the subprocess.run module to execute system binaries such as soffice and timeout to facilitate formula recalculation.
- [COMMAND_EXECUTION]: The recalc.py script performs configuration modifications by writing a LibreOffice Basic macro file to the user's application configuration directory (~/.config/libreoffice or the macOS equivalent).
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from untrusted spreadsheet files (Excel, CSV, TSV).
- Ingestion points: Data is ingested via pandas.read_excel and openpyxl.load_workbook as shown in the workflow examples in SKILL.md.
- Boundary markers: No delimiters or safety instructions are used to distinguish between data and potential instructions within the processed cells.
- Capability inventory: The skill can execute system commands through the recalc.py script and perform file write operations via pandas and openpyxl.
- Sanitization: The skill does not perform validation or sanitization on the data extracted from external spreadsheets before processing.
Audit Metadata