excel
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests data from untrusted Excel files, creating a surface where hidden instructions could influence the agent's behavior. Ingestion points: scripts/excel.py (read, cell, find, info). Boundary markers: Absent. Capability inventory: File system write/edit/delete, data export. Sanitization: Absent.
- Dynamic Execution (LOW): The skill allows writing Excel formulas via the --formula flag. While this is a primary feature, it can be exploited to embed malicious payloads that execute when the resulting file is opened in external spreadsheet applications.
Audit Metadata