xlsx
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The `recalc.py` script uses `subprocess.run` to execute the `soffice` (LibreOffice) binary in headless mode to trigger formula recalculation logic.
- [COMMAND_EXECUTION]: The `recalc.py` script modifies the local user environment by creating a persistent StarBasic macro file (`Module1.xba`) in the LibreOffice configuration directory (`~/.config/libreoffice/` or equivalent) to automate spreadsheet operations.
- [PROMPT_INJECTION]: The skill provides functions to ingest untrusted data from external Excel and CSV files (as shown in `SKILL.md` ingestion points) without explicit boundary markers or sanitization logic, which, combined with its file-writing and subprocess capabilities (documented in `recalc.py`), creates a potential surface for indirect prompt injection.
Audit Metadata