xlsx

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from untrusted data in Excel or CSV files.
      • Ingestion points: Data enters the agent context via pd.read_excel() and load_workbook() in SKILL.md and recalc.py.
      • Boundary markers: The skill lacks instructions to distinguish between data and commands within processed files.
      • Capability inventory: The skill can execute shell commands via recalc.py and write files to disk.
      • Sanitization: No escaping or validation is applied to cell content before it is used by the agent.
  • [COMMAND_EXECUTION]: The helper script recalc.py executes system commands to facilitate spreadsheet operations.
      • Evidence: It uses subprocess.run to call soffice (LibreOffice) and timeout utilities (timeout or gtimeout).
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 09:25 AM