excel-variance-analyzer
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill requests unrestricted Bash access (Bash(cmd:*)) in the SKILL.md frontmatter. This allows the agent to execute any system command, which is a high-privilege capability that increases the attack surface if the agent's instructions are subverted.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is intended to process external budget and actual data, which acts as a potential vector for indirect prompt injection. Since the skill has access to powerful tools like Bash and Write, malicious instructions hidden in a spreadsheet could be executed by the agent.
  - Ingestion points: Budget and actual data files imported via the comparison template.
  - Boundary markers: None (no instructions for delimiters or 'ignore' tags).
  - Capability inventory: Bash(cmd:*), Write, Edit, Read, Grep, Glob.
  - Sanitization: No data sanitization or validation logic is defined.