vbaExcel
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- Privilege Escalation / Security Posture (MEDIUM): The skill includes
scripts/enable_vba_access.regwhich modifies the Windows Registry to setAccessVBOMto 1. This disables the security protection that prevents automated scripts from programmatically modifying Excel macros. While required for the skill's purpose, this change remains persistent on the host machine and can be exploited by other malicious software to inject macros. - Dynamic Execution (MEDIUM): The script
scripts/export_vba.pywrites an embedded VBScript to a temporary file (_export_vba.vbs) and executes it usingcscript.exeviasubprocess.run. This pattern of runtime script generation and execution is a form of dynamic code execution that could be vulnerable to path manipulation if inputs are not strictly controlled. - Indirect Prompt Injection (LOW): The skill ingests untrusted VBA code from
.xlsmand.basfiles. If an agent is used to refactor this code as suggested in the documentation, malicious instructions hidden in code comments or logic could influence the agent's behavior. - Ingestion points:
scripts/export_vba.py(extracts VBA via COM),scripts/import_vba.py(reads.basfiles). - Boundary markers: None; the agent processes raw script content without delimiting markers or 'ignore embedded instructions' warnings.
- Capability inventory: File system write access, Registry modification, COM automation of Excel, and Subprocess execution (
cscript.exe). - Sanitization: No sanitization or validation of the extracted VBA content is performed before it is provided to the agent context.
Audit Metadata