spreadsheet
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Command Execution for Dependency Management: The skill instructions include commands for installing system-level dependencies and Python packages. While these include the use of
sudofor package management (e.g.,sudo apt-get install -y libreoffice poppler-utils), this is a standard procedure for environment preparation and is presented as a setup instruction rather than an automated background task. - Data Processing Surface: The skill is designed to read and process external spreadsheet files (
.xlsx,.csv,.tsv). This represents an indirect prompt injection surface where content within a processed file could theoretically attempt to influence the agent's behavior. However, the skill focuses on structural and data-driven tasks (formatting, formulas, analysis) which limits the impact of such patterns. - Local File System Interaction: The skill defines specific directories for intermediate (
tmp/spreadsheets/) and final (output/spreadsheet/) files. This is a positive security practice as it provides a predictable and contained area for file operations.
Audit Metadata