spreadsheet
Warn
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform privileged system operations using
sudo apt-get installto installlibreofficeandpoppler-utils. Using elevated privileges for dependency installation should be monitored. - [COMMAND_EXECUTION]: The skill utilizes shell commands such as
soffice(LibreOffice) andpdftoppmto render spreadsheet files into images for visual verification during the workflow. - [EXTERNAL_DOWNLOADS]: The skill specifies the installation of standard Python packages, including
openpyxl,pandas, andmatplotlib, from public registries usinguvorpip. - [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection as it is designed to read and process data from external files that may contain instructions targeting the agent's logic.
- Ingestion points: Processes tabular data from
.xlsx,.csv, and.tsvfiles into the agent's context. - Boundary markers: Absent; there are no instructions to use delimiters or warnings to ignore instructions embedded in the cell data.
- Capability inventory: The skill has the capability to write files to the local filesystem and execute shell commands via the rendering sub-process.
- Sanitization: No input validation, escaping, or sanitization of spreadsheet content is implemented before the data is handled by the agent.
Audit Metadata