excel-reader

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted Excel data which could contain malicious instructions designed to influence the agent's behavior (indirect prompt injection).
      • Ingestion points: The packages/excel-reader/main.py script reads and extracts data from external .xlsx and .xlsm files.
      • Boundary markers: Absent. The output format does not wrap extracted data in delimiters to prevent the agent from misinterpreting it as commands.
      • Capability inventory: The skill utilizes file system access to read spreadsheets and executes code via Python and the openpyxl library.
      • Sanitization: The implementation uses data_only=True to retrieve calculated values rather than original formulas, which helps mitigate risks from malicious Excel formulas.
  • [EXTERNAL_DOWNLOADS]: The skill configuration specifies downloading Python packages from an external mirror.
      • Evidence: packages/excel-reader/pyproject.toml sets the package index to https://mirrors.aliyun.com/pypi/simple/ (Aliyun mirror).
  • [EXTERNAL_DOWNLOADS]: The skill scripts provide instructions to download and install the uv dependency manager from the official Astral website if it is not already installed on the system.
  • [COMMAND_EXECUTION]: The automation scripts execute shell commands to manage dependencies and launch the Python reader.
      • Evidence: The bash and PowerShell scripts in the scripts/ directory call uv sync and uv run to perform their tasks.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 02:58 AM