Excel Analysis
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill facilitates the ingestion of external data and provides file-writing capabilities, creating an attack surface for indirect prompt injection.
- Ingestion points: The skill uses pd.read_excel and pd.ExcelFile in SKILL.md to load data from external files into the agent's context.
- Boundary markers: The skill gives the agent no boundary markers and no explicit instructions to treat spreadsheet content as untrusted data or to ignore commands embedded in it.
- Capability inventory: The skill possesses the capability to write to the file system through functions like to_excel and savefig.
- Sanitization: No input validation or data sanitization patterns are implemented in the provided code snippets.
- Unverifiable Dependencies (LOW): The skill references several external Python packages including pandas, openpyxl, xlrd, xlsxwriter, and matplotlib. These are industry-standard libraries but remain external dependencies that must be managed.
Audit Metadata