Skills
skills/mxyhi/ok-skills/xlsx/Gen Agent Trust Hub

xlsx

Warn

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Runtime compilation and library injection.
  • File: scripts/office/soffice.py
  • The skill performs runtime compilation of C source code into a shared library using gcc.
  • It uses the LD_PRELOAD environment variable to inject this library into the LibreOffice (soffice) process to shim Unix socket behavior and bypass environment restrictions.
  • [COMMAND_EXECUTION]: Persistence via application configuration.
  • File: scripts/recalc.py
  • The skill automatically configures a StarBasic macro (RecalculateAndSave) in the LibreOffice user directory. This persists custom code within the Office suite's configuration.
  • [PROMPT_INJECTION]: Indirect prompt injection surface.
  • Ingestion point: SKILL.md (recommends pd.read_excel and load_workbook for spreadsheet data processing).
  • Boundary markers: Absent. There are no delimiters or instructions to ignore embedded commands around the ingested data.
  • Capability inventory: The skill can execute system commands (soffice, gcc, git) and write files to the local system.
  • Sanitization: Absent. The skill does not sanitize or validate spreadsheet content before it enters the agent's context or is processed by recalculation tools.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 17, 2026, 02:01 AM