xlsx
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns such as obfuscation, credential theft, or unauthorized network activity were detected. The skill utilizes legitimate built-in tools (create_document, read_document, edit_document) and industry-standard libraries (pandas, openpyxl) for its stated purpose.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted Excel data. This is an inherent risk of the functionality and not a result of malicious design.
- Ingestion points: Data is ingested from external files via
read_document,pandas.read_excel(), andopenpyxl.load_workbook()as shown in SKILL.md. - Boundary markers: No delimiters or 'ignore' instructions are specified for the data being read.
- Capability inventory: The skill has the ability to write to the file system using built-in document tools and library save methods.
- Sanitization: No specific content validation or sanitization logic is implemented for the data read from spreadsheets.
Audit Metadata