xlsx-processing-openai
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation suggests installing common Python packages (
openpyxl,pandas,matplotlib) and system utilities (libreoffice,poppler-utils) from official repositories using package managers likepip,uv, andapt-get. - [COMMAND_EXECUTION]: The instructions include the use of
sudofor system package installation and the execution of shell commands (soffice,pdftoppm) for document conversion, which involves interacting with the host system's shell and potentially elevated privileges. - [PROMPT_INJECTION]: The skill is designed to ingest and process external spreadsheet data (.xlsx, .csv, .tsv), creating a surface for indirect prompt injection if malicious instructions are embedded within the data files.
- Ingestion points: External files are loaded and read using
openpyxlandpandaswithin the example scripts and suggested workflows. - Boundary markers: The instructions lack explicit delimitation markers or directives for the agent to ignore or sanitize embedded instructions within processed data.
- Capability inventory: The skill has capabilities to perform file system operations (creating directories, writing files) and execute shell commands for rendering tasks.
- Sanitization: There is no evidence of content validation or sanitization for spreadsheet data before it is processed or used in rendering commands.
Audit Metadata