Skills
skills/dream-num/skills/univer-cli/Gen Agent Trust Hub

univer-cli

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill instructs the agent to install the univer-cli package via npm i -g univer-cli. This package is the core tool provided by the vendor for the skill's functionality.
  • [DYNAMIC_EXECUTION]: The skill uses univer run --file to execute agent-generated JavaScript scripts. This feature is intended for applying custom workbook logic using the univerAPI and is a documented capability of the tool.
  • [INDIRECT_PROMPT_INJECTION]: The skill creates a surface for indirect injection by processing external spreadsheet files (.xlsx, .csv, .univer).
  • Ingestion points: Files are imported and read via univer import, univer pipe in, univer search, and univer inspect.
  • Boundary markers: The instructions emphasize using the CLI's public interface, but do not provide specific delimiters for separating spreadsheet content from instructions in the agent's prompt.
  • Capability inventory: The skill can write to the local file system, execute JavaScript via the CLI, and synchronize data with remote servers.
  • Sanitization: No content sanitization is described for the data extracted from the workbooks before it is used by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 12:51 PM
Security Audit — agent-trust-hub — univer-cli