xlsx
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The script performs dynamic code generation by writing a StarBasic macro (`Module1.xba`) to the local LibreOffice configuration directory (`~/.config/libreoffice/` or `~/Library/Application Support/LibreOffice/`). This is a form of script generation and execution that modifies the host's application environment to enable the recalculation feature.
- [COMMAND_EXECUTION] (LOW): The skill utilizes `subprocess.run` to invoke external system binaries including `soffice`, `timeout`, and `gtimeout`. While it uses list-based arguments to mitigate shell injection, it still executes system-level processes with user-supplied file paths.
- [DATA_EXPOSURE] (SAFE): The script accesses and reads local Excel files. This behavior is consistent with the stated purpose of recalculating formulas, and there is no evidence of unauthorized data exfiltration or access to sensitive system paths.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted data from Excel files and returns cell content (error values) to the agent.
  - Ingestion points: The `recalc` function in `recalc.py` reads cell values from user-provided Excel files.
  - Boundary markers: None present; the script returns raw cell coordinates and error strings in a JSON structure.
  - Capability inventory: The script can execute subprocesses via `subprocess.run`.
  - Sanitization: No sanitization is performed on the data extracted from the Excel cells before it is returned.
Audit Metadata