ai-xlsx

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The documentation in SKILL.md provides instructions for running a local Python script (scripts/run.py) to interact with the skill's backend service.
  • [EXTERNAL_DOWNLOADS]: The scripts/run.py script makes network requests to the vendor's domain ai-skills.ai to process user data. This is standard behavior for an API-based skill.
  • [PROMPT_INJECTION]: The skill processes untrusted data from various sources which presents a potential surface for indirect prompt injection.
  • Ingestion points: The skill accepts untrusted data through parameters like materialText, materialFile, and materialUrl defined in references/form-schema.json.
  • Boundary markers: No explicit delimiters or boundary markers are defined in the instructions to isolate processed data from the agent's control logic.
  • Capability inventory: The scripts/run.py script facilitates network communication and CLI-based execution.
  • Sanitization: No input sanitization or validation routines were identified in the provided script files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-xlsx