xlsx

Warn

Audited by Socket on Mar 16, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

该技能的表格处理能力与宣称用途基本一致，所列 pandas/openpyxl/LibreOffice 也属正常技术栈；但它把“公式重算”这一关键步骤建立在未提供来源、版本或校验信息的 `recalc.py` 上。由于这是不可验证的本地执行组件，整体应判为 SUSPICIOUS，而非 BENIGN。

Confidence: 86%Severity: 78%

Audit Metadata

Analyzed At

Mar 16, 2026, 12:34 PM

Package URL

pkg:socket/skills-sh/marcelleon%2Fskills-zh%2Fxlsx%2F@9c63ffb87b65a6b425e73031ff2f8e4b86ba4c59