data-export-excel
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The troubleshooting section includes code to install the openpyxl package at runtime using pip. This allows the agent to fetch and execute external code.
- [COMMAND_EXECUTION] (MEDIUM): The skill uses subprocess.check_call to run system commands. While used here for package installation, it represents a powerful capability that could be misused.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it processes data from external sources without sanitization or boundary markers. 1. Ingestion points: adata.obs, adata.var, and deg_df in SKILL.md. 2. Boundary markers: Absent. No delimiters are used to separate external data from instructions. 3. Capability inventory: File writing via wb.save and subprocess execution via subprocess.check_call. 4. Sanitization: Absent. Data is written directly to the Excel workbook without validation.
Audit Metadata