Skills
skills/stvlynn/dingtalk-wukong-skills/xlsx/Gen Agent Trust Hub

xlsx

Warn

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/recalc.py script executes the soffice binary and system utilities like timeout via subprocess.run. Additionally, skill documentation advises the use of sudo for system-level dependency installation.
  • [REMOTE_CODE_EXECUTION]: The script programmatically generates a LibreOffice Basic macro and writes it to the user's configuration directory to enable persistent automated recalculation.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection. 1. Ingestion points: Excel and CSV data files processed by pandas or openpyxl. 2. Boundary markers: Absent; no instructions are provided to the agent to ignore embedded commands. 3. Capability inventory: Writing macros to system paths and executing binaries via subprocess. 4. Sanitization: No validation or sanitization is applied to ingested spreadsheet content.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 19, 2026, 12:03 PM