skills/lc2panda/wps-skills/wps-excel/Gen Agent Trust Hub

wps-excel

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted content from Excel workbooks and uses it to drive agent behavior across a powerful set of tools.
  • Ingestion points: The skill reads external data using wps_excel_read_range, wps_excel_get_cell_value, wps_excel_get_cell_info, and wps_excel_get_cell_comments as described in SKILL.md.
  • Boundary markers: The instructions lack explicit delimiters or safety guardrails (such as "ignore embedded instructions") when processing data retrieved from cells.
  • Capability inventory: The agent has extensive capabilities to modify the user's environment, including wps_excel_set_formula, wps_excel_write_range, wps_excel_delete_sheet, and wps_excel_open_workbook (all listed in SKILL.md).
  • Sanitization: No sanitization or validation logic is defined to prevent malicious content within a spreadsheet from influencing the agent's logic or tool calls.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 03:32 AM
Security Audit — agent-trust-hub — wps-excel