xlsx-verify
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill displays formula strings and calculated results from workbooks to the agent's context, creating a surface for indirect prompt injection. Maliciously crafted spreadsheet data could contain instructions intended to divert the agent from its original task. Ingestion points: Excel workbooks (.xlsx, .xls) and image files; Boundary markers: None identified in the tool's output; Capability inventory: Executes the witan CLI utility; Sanitization: Formula content is displayed without explicit sanitization or escaping.
- [COMMAND_EXECUTION]: The skill's usage patterns involve passing file paths and range parameters to a CLI tool. This presents a potential command injection risk if the agent populates these fields using unsanitized input from untrusted sources.
- [DATA_EXFILTRATION]: Documentation specifies that spreadsheet files are processed and cached on witanlabs servers. While this is the intended function of the vendor's tool, it involves the transmission of potentially sensitive local workbook data to a third-party service.
Audit Metadata