excel-vba-modifier
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- Dynamic Execution (HIGH): The skill enables an agent to inject arbitrary strings as VBA code into Excel modules using
write_vba_moduleand subsequently execute that code viarun_macro. VBA has extensive access to the Windows operating system, including the filesystem and network, making this a high-risk capability if the agent is manipulated into running malicious scripts. - Security Configuration Reduction (MEDIUM): The skill documentation and
trust_center_checker.pyexplicitly instruct users to enable 'Trust access to the VBA project object model' and 'Enable all macros'. These actions significantly weaken the default security posture of Microsoft Excel on the host machine, potentially allowing other malicious documents to execute macros without user intervention. - Indirect Prompt Injection (LOW):
- Ingestion points: The skill reads existing VBA code from
.xlsmfiles and external.vbatext files (vba_modifier.py). - Boundary markers: Absent. The skill does not implement delimiters or warnings to the agent to ignore potentially malicious instructions embedded in the VBA comments of files it reads.
- Capability inventory: The skill possesses file-write (modifying Excel modules) and code-execution (running macros) capabilities.
- Sanitization: Absent. There is no validation or sanitization of the VBA code strings before they are injected into the Excel environment.
- Unverifiable Dependencies (LOW): The skill relies on the
xlwingslibrary. While this is a well-known package for Excel automation, its use in this context facilitates the bypass of standard security boundaries when combined with the required Trust Center changes.
Audit Metadata