xlsx (skills/ovachiever/droid-tings/xlsx)

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): In recalc.py, the script uses subprocess.run to execute the soffice (LibreOffice) binary under a system-level timeout utility (timeout or gtimeout). Because it passes an argument list rather than a shell string, the workbook path cannot be used for shell injection; the residual risk is that the skill's behaviour depends on external binaries resolved from the caller's environment rather than on code the skill ships.
  • REMOTE_CODE_EXECUTION (MEDIUM): The script generates a StarBasic macro (Module1.xba) at runtime, writes it to the local filesystem, and instructs LibreOffice to run it through a vnd.sun.star.script URI. This is code injected into, and executed by, the LibreOffice process, with that process's full privileges. The analysis does not note any untrusted content being interpolated into the macro text; if any were, it would become code execution by the same path.
  • PERSISTENCE (MEDIUM): The macro is written into the user's permanent LibreOffice profile (~/.config/libreoffice/ on Linux or ~/Library/Application Support/LibreOffice/ on macOS) and is not removed when the script finishes. A user is unlikely to expect this side effect, and a module named Module1 can collide with or overwrite a user's existing macros. Removing the module after the run, or refusing to overwrite a module that is already present, would close this finding.
  • PROMPT_INJECTION (LOW): The script has an indirect prompt injection surface because it processes untrusted Excel files from the environment; cell text from such a file becomes a vector only if it is surfaced back into the agent's context.
      • Ingestion points: recalc.py reads file content using the openpyxl library.
      • Boundary markers: None present in the processing logic.
      • Capability inventory: The script can execute subprocesses via soffice.
      • Sanitization: Minimal. The only check is for Excel error strings (e.g., #VALUE!) in cell values after recalculation, which is error detection on the output, not sanitization of the untrusted input.
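The following is an added illustration of the pattern the analysis describes, written for this page; it is not the skill's recalc.py and does not claim to reproduce it. It shows each behaviour the audit attributes to the script (list-form subprocess call to soffice under a timeout or gtimeout wrapper, a StarBasic module written into the user's LibreOffice profile, a vnd.sun.star.script URI to invoke it, and a post-recalculation scan for Excel error strings) together with the two mitigations a reviewer would ask for: refusing to overwrite a module that is not the script's own, and deleting the module after the run. The profile sub-path 4/user/basic/Standard, the soffice flags, the macro body, the names Standard/Module1/Recalc, the 120-second default and the omission of script.xlb registration are all assumptions made for the example.

```python
import platform
import shutil
import subprocess
from pathlib import Path
from typing import Iterable, List, Optional, Tuple

# Excel error literals a post-recalculation scan looks for.
EXCEL_ERRORS = frozenset({"#VALUE!", "#REF!", "#DIV/0!", "#NAME?", "#N/A", "#NUM!", "#NULL!"})

# Assumed library/module/entry names; the audit names only Module1.xba.
MACRO_LIBRARY, MACRO_MODULE, MACRO_ENTRY = "Standard", "Module1", "Recalc"

# Assumed macro body: recalculate and store the document soffice has just opened.
MACRO_XBA = (
    '<?xml version="1.0" encoding="UTF-8"?>\n'
    '<!DOCTYPE script:module PUBLIC "-//OpenOffice.org//DTD OfficeDocument 1.0//EN" "module.dtd">\n'
    f'<script:module xmlns:script="http://openoffice.org/2000/script" '
    f'script:name="{MACRO_MODULE}" script:language="StarBasic">\n'
    f"Sub {MACRO_ENTRY}\n"
    "    ThisComponent.calculateAll()\n"
    "    ThisComponent.store()\n"
    "End Sub\n"
    "</script:module>\n"
)

def profile_basic_dir(system: Optional[str] = None, home: Optional[str] = None) -> Path:
    """Where the module lands: the audit's per-OS config root plus LibreOffice's
    (assumed) '4/user/basic/<library>' profile layout."""
    system = system or platform.system()
    root = Path(home) if home else Path.home()
    if system == "Darwin":
        root = root / "Library" / "Application Support" / "LibreOffice"
    else:
        root = root / ".config" / "libreoffice"
    return root / "4" / "user" / "basic" / MACRO_LIBRARY

def macro_script_uri() -> str:
    """vnd.sun.star.script URI that makes soffice run the module from the user profile."""
    return (f"vnd.sun.star.script:{MACRO_LIBRARY}.{MACRO_MODULE}.{MACRO_ENTRY}"
            "?language=Basic&location=user")

def write_macro(basic_dir: Path) -> Path:
    """Persist Module1.xba.  Refuses to clobber a module that is not ours, which is
    the interference case the audit flags (script.xlb registration omitted here)."""
    target = basic_dir / f"{MACRO_MODULE}.xba"
    if target.exists() and target.read_text() != MACRO_XBA:
        raise FileExistsError(f"{target} exists and is not ours; not overwriting")
    basic_dir.mkdir(parents=True, exist_ok=True)
    target.write_text(MACRO_XBA)
    return target

def find_timeout_wrapper() -> Optional[str]:
    """GNU coreutils 'timeout' (Linux) or Homebrew's 'gtimeout' (macOS), if present."""
    return shutil.which("timeout") or shutil.which("gtimeout")

def build_soffice_command(workbook: str, seconds: int = 120,
                          wrapper: Optional[str] = None, soffice: str = "soffice") -> List[str]:
    """Argument list, never a shell string, so the workbook path is inert to the shell.
    soffice flags are assumptions; the script URI is dispatched after the file opens."""
    cmd = [soffice, "--headless", "--norestore", workbook, macro_script_uri()]
    return [wrapper, str(seconds), *cmd] if wrapper else cmd

def recalc(workbook: str, seconds: int = 120) -> int:
    """Run a recalculation.  Python's timeout= backs the external wrapper so a hung
    soffice is still killed when neither utility is installed, and the module is
    removed afterwards so nothing persists in the profile."""
    written = write_macro(profile_basic_dir())
    try:
        proc = subprocess.run(build_soffice_command(workbook, seconds, find_timeout_wrapper()),
                              timeout=seconds + 5, check=False, capture_output=True)
        return proc.returncode
    except subprocess.TimeoutExpired:
        return 124  # the exit status GNU timeout itself reports on expiry
    finally:
        written.unlink(missing_ok=True)

def col_letter(idx: int) -> str:
    """1-based column index to A1-style letters."""
    out = ""
    while idx:
        idx, rem = divmod(idx - 1, 26)
        out = chr(65 + rem) + out
    return out

def scan_for_errors(rows: Iterable[Iterable[object]]) -> List[Tuple[str, str]]:
    """Flag Excel error strings in recalculated output.  `rows` has the shape that
    openpyxl's ws.iter_rows(values_only=True) yields.  This is detection on the
    result, not sanitization of the untrusted input."""
    hits = []
    for r, row in enumerate(rows, start=1):
        for c, value in enumerate(row, start=1):
            if isinstance(value, str) and value.strip() in EXCEL_ERRORS:
                hits.append((f"{col_letter(c)}{r}", value.strip()))
    return hits
```

The point of the shape is that every step the audit calls out is visible in one place: the only persistent write is the module file, which is created with a refusal-to-overwrite guard and deleted in a finally block; the subprocess is an argument list with a Python-level timeout behind the external one; and the error scan is explicitly a check on the recalculated result, so nobody mistakes it for input validation.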
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 04:34 PM