xlsx-offline
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installation via `npx openskills` from a specific GitHub repository (github.com/okwinds/miscellany). It also depends on standard Python data science libraries such as `pandas` and `openpyxl` for Excel processing.
- [COMMAND_EXECUTION]: The `recalc.py` script invokes the `soffice` (LibreOffice) binary using `subprocess.run` to perform headless formula recalculations. This execution is gated by the script's specific purpose.
- [DYNAMIC_EXECUTION]: In `recalc.py`, the skill dynamically generates a LibreOffice Basic macro (`Module1.xba`) and writes it to the filesystem. This macro is then executed via LibreOffice to automate the recalculation and saving of workbooks. While the script uses an isolated profile by default, it can optionally modify the user's permanent LibreOffice configuration.
- [INDIRECT_PROMPT_INJECTION]:
  - Ingestion points: The skill processes external data from `.xlsx` files through `pandas.read_excel`, `openpyxl.load_workbook`, and LibreOffice's calculation engine.
  - Boundary markers: No explicit boundary markers or instructions to ignore embedded cell content are used during ingestion.
  - Capability inventory: The skill possesses the ability to execute system commands (`soffice`) and perform file system operations (writing macros and saving workbooks).
  - Sanitization: There is no evidence of sanitization or validation of the data read from Excel cells before it is processed by the agent.
Audit Metadata