xlsx

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the subprocess module for local task execution. The script scripts/libreoffice_recalc.py invokes the LibreOffice soffice binary to perform dynamic formula recalculation, and scripts/xlsx_insert_row.py executes the internal xlsx_shift_rows.py utility. These calls are implemented using list-based argument passing without a shell, which is a secure practice that prevents shell injection vulnerabilities.
  • [SAFE]: The scripts/xlsx_unpack.py tool implements defensive coding by explicitly checking for path traversal (Zip-Slip) vulnerabilities during the extraction of spreadsheet archives. It verifies that all file members are extracted strictly within the specified output directory boundaries.
  • [SAFE]: Spreadsheet reading and analysis are handled via standard data science libraries (pandas, openpyxl). The skill does not perform any network operations, and no hardcoded credentials or sensitive data exposure patterns were found in the scripts or documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 05:19 PM