text-to-excel

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it processes untrusted structured text from the user to generate a complex JSON configuration.
      • Ingestion points: User-provided text, lists, and tables processed in SKILL.md Step 1.
      • Boundary markers: Absent. The skill defines no delimiters around the input text and does not instruct the agent to ignore commands embedded in it.
      • Capability inventory: Execution of a Python script (scripts/generate_excel.py) that writes to the local file system.
      • Sanitization: The skill provides no explicit validation or sanitization rules for the input data and relies on the agent's ability to parse the text into the schema.
  • [COMMAND_EXECUTION]: The workflow involves executing a shell command to run a Python script with arguments.
      • The command python3 scripts/generate_excel.py <config.json> <output_path> uses an output path that is provided or confirmed by the user, which could result in writing files to unintended locations if the agent is misled.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 02:08 AM