The Agent Skills Directory

[COMMAND_EXECUTION]: The script recalc.py uses subprocess.run to execute system binaries, including soffice (LibreOffice) and process management utilities like timeout or gtimeout. These commands operate on file paths derived from user input.
[REMOTE_CODE_EXECUTION]: The recalc.py script performs dynamic code execution by programmatically writing a LibreOffice Basic macro to the local configuration directory (e.g., Module1.xba) and subsequently triggering its execution via the command line. This pattern involves runtime script generation and execution.
[PROMPT_INJECTION]: The skill processes untrusted external data from spreadsheet files, creating a surface for indirect prompt injection. Ingestion points: Data read via pandas.read_excel and openpyxl.load_workbook as described in SKILL.md. Boundary markers: None present; instructions do not advise the agent to isolate or ignore instructions embedded within the data. Capability inventory: The skill has the ability to write to the file system and execute shell commands through the recalc.py script. Sanitization: No data validation or sanitization logic is implemented to filter potentially malicious content within the spreadsheets.

xlsx