spreadsheet-source-validated
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [DYNAMIC_EXECUTION]: The skill provides patterns for the agent to write Python code to temporary files and execute them using the shell. This is used to handle complex spreadsheet logic that exceeds the limits of standard tools.
- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill includes a connectivity check function using the
requestslibrary. While it targets trusted sources like the EPA, the troubleshooting section suggests disabling SSL certificate verification (verify=False), which is a security best-practice violation. - [INDIRECT_PROMPT_INJECTION]: The skill creates an attack surface by ingesting data from external files and URLs.
- Ingestion points: Processes local spreadsheets (e.g., input.xlsx, input_data.xlsx) and data from URLs in the alternative sources list.
- Boundary markers: Absent; no specific instructions are provided to the agent to ignore instructions embedded within the spreadsheet data.
- Capability inventory: The skill has the ability to execute shell commands and run Python scripts using the run_shell tool.
- Sanitization: Absent; integrity checks are limited to structural elements like sheet names and column headers, not the actual cell content.
Audit Metadata