xlsx-offline

Warn

Audited by Socket on Mar 9, 2026

1 alert found:

Anomaly (LOW)
recalc.py

This module intentionally writes a LibreOffice macro into a user profile and invokes LibreOffice to execute it against a provided Excel file, then reports recalculation results. The code is not obviously obfuscated and does not contain hardcoded credentials, but it performs a high-risk operation: installing and executing a macro in a user's LibreOffice profile, which can be abused to run arbitrary code or maintain persistence, especially when run without isolated mode. The provided snippet is syntactically incomplete because macro_content is missing; without the macro body we cannot determine whether the macro itself is malicious. Treat this package as potentially dangerous until macro contents are audited. Recommended actions: inspect the Module1.xba macro content before running, prefer isolated temporary profiles, avoid --no-isolated on untrusted builds, and review process invocation environment.

Confidence: 90%
Severity: 60%

Audit Metadata
Analyzed At: Mar 9, 2026, 08:41 PM
Package URL: pkg:socket/skills-sh/okwinds%2Fmiscellany%2Fxlsx-offline%2F@edb7f1e8bc679a18c8da6728749023caecfe1c8a