skills/michaelboeding/skills/xlsx/Gen Agent Trust Hub

xlsx

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
  • [Command Execution] (MEDIUM): The script executes LibreOffice using subprocess.run to run a macro on user-provided Excel files. While necessary for functionality, this pattern involves executing complex operations on untrusted data.
  • [Dynamic Execution] (MEDIUM): The setup_libreoffice_macro function programmatically creates a LibreOffice Basic macro and writes it to a persistent configuration directory (~/.config/libreoffice or ~/Library/Application Support/LibreOffice). Script generation and execution is a high-risk pattern.
  • [Indirect Prompt Injection] (LOW): The skill ingests untrusted Excel data.
      1. Ingestion points: recalc.py reads Excel files via openpyxl.
      2. Boundary markers: Absent.
      3. Capability inventory: Command execution (soffice) and file system writes in recalc.py.
      4. Sanitization: Absent; cell contents and error types are extracted and returned as raw data.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:31 PM