minimax-xlsx
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
subprocess.runinxlsx_insert_row.pyandlibreoffice_recalc.pyto execute internal helper scripts and the LibreOffice binary. These operations are securely scoped to local temporary directories and well-defined arguments, posing no risk of shell injection. - [DATA_EXPOSURE]: Data access is strictly limited to user-provided spreadsheet files and the
/tmp/directory for processing. There are no attempts to access sensitive credentials, environment variables, or system configuration files. - [EXTERNAL_DOWNLOADS]: The skill does not perform any network operations or external downloads. All templates and scripts are locally contained within the skill directory.
- [SAFE]: The skill follows security best practices for handling untrusted spreadsheet data. It prefers raw XML manipulation over libraries like openpyxl to avoid the accidental destruction of advanced workbook features (VBA, pivot tables) and provides a multi-tier validation framework (
formula_check.pyandstyle_audit.py) to ensure the generated output is valid and safe before delivery.
Audit Metadata