skills/krafton-ai/kira/xlsx/Gen Agent Trust Hub

xlsx

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH | COMMAND_EXECUTION | REMOTE_CODE_EXECUTION
Full Analysis
  • PERSISTENCE (HIGH): The script writes a persistent macro (Module1.xba) to the user's local LibreOffice configuration directory.
  • COMMAND_EXECUTION (HIGH): The script uses subprocess.run to invoke soffice on user-provided file paths, exposing the system to vulnerabilities in the office suite.
  • INDIRECT PROMPT INJECTION (HIGH): 1. Ingestion points: Processes untrusted Excel files via the recalc function. 2. Boundary markers: None. 3. Capability inventory: Subprocess calls and file writing. 4. Sanitization: No validation of input file content is performed.
  • DYNAMIC EXECUTION (MEDIUM): Generates and injects StarBasic code at runtime into the application configuration.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 07:14 AM