excel
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of untrusted data from Excel, CSV, and JSON files.
- Ingestion points: The script reads data from external files in commands like 'read', 'cell', 'from-csv', and 'from-json' in the file scripts/excel.py.
- Boundary markers: The script does not implement delimiters or specific instructions for the agent to distinguish between its own logic and data content in the outputs.
- Capability inventory: The skill possesses extensive file manipulation capabilities including creating, writing, and editing files on the local filesystem.
- Sanitization: No data validation or sanitization is performed on file contents before they are returned to the agent or written to new files.
- [EXTERNAL_DOWNLOADS]: The skill utilizes the openpyxl library, which is a well-known and trusted Python package for Excel manipulation. This dependency is specified in SKILL.md and _meta.json.
Audit Metadata