Skills
skills/dream-num/skills/univer-cli/Gen Agent Trust Hub

univer-cli

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes standard shell utilities such as awk, sed, and python3 to perform data transformations within shell pipelines (e.g., in references/shell-patterns.md). This is part of the intended functionality for rectangular data processing.
  • [COMMAND_EXECUTION]: The univer run command executes JavaScript snippets within the spreadsheet engine to perform workbook-local logic, such as styling and structural changes (e.g., in references/run-api.md). The code is executed in a bounded environment using the univerAPI global.
  • [EXTERNAL_DOWNLOADS]: The skill installs the univer-cli package from the official NPM registry. Both the package and the referenced documentation repositories are owned by the verified vendor dream-num.
  • [DATA_EXPOSURE]: No sensitive data exposure or exfiltration patterns were detected. The skill operations are restricted to local workbook files (.univer, .xlsx, .csv) as specified by the user's task.
  • [PROMPT_INJECTION]: The skill does not contain instructions that attempt to override agent safety guidelines or extract system prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 07:19 PM