spreadsheet-struct-verified
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill implements a workflow that generates a Python script (
verify_workbook.py) from an embedded template. This script is then executed via the shell or code sandbox to perform deterministic validation of Excel files. While used for verification, the dynamic generation and execution of code is a significant capability. - [EXTERNAL_DOWNLOADS]: The skill instructions suggest the potential need to install the
openpyxllibrary usingpip.openpyxlis a standard, well-known package for spreadsheet manipulation. - [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted data from external Excel workbooks.
- Ingestion points: Excel files are loaded via
openpyxl.load_workbook()in the generated verification script, which reads sheet names, headers, and cell values. - Boundary markers: There are no explicit markers or 'ignore' instructions provided to the agent to distinguish between the verification logic and potentially malicious content within the spreadsheets.
- Capability inventory: The skill has the ability to execute shell commands, run Python code in a sandbox, and read/write to the filesystem.
- Sanitization: The verification script performs basic sanitization by casting cell values to strings using
str(cell_value).strip(), which helps mitigate but does not fully eliminate the risk of content influencing the agent's interpretation of results.
Audit Metadata