skills/rebyteai/rebyte-skills/xlsx/Gen Agent Trust Hub

xlsx

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes several internal utility scripts (xlsx_insert_row.py, libreoffice_recalc.py) that execute shell commands via subprocess.run. These commands are used to call other scripts within the skill's own package (e.g., xlsx_shift_rows.py) or the LibreOffice binary for formula recalculation. These calls are implemented using list-based arguments rather than shell strings, which is a best practice that mitigates command injection risks.
  • [DYNAMIC_EXECUTION]: The skill performs dynamic execution by running its own suite of Python scripts to manage complex spreadsheet operations. This behavior is necessary for the skill's primary purpose of surgical XML editing and does not involve executing untrusted or remote code.
  • [EXTERNAL_DOWNLOADS]: The documentation references standard, well-known Python packages like pandas and openpyxl. These are recognized as trusted dependencies and do not represent a security risk.
  • [DATA_EXPOSURE]: The skill processes user-provided spreadsheet files. While this involves reading and writing data, the operations are confined to the files explicitly targeted by the user's request. No unauthorized file access or network exfiltration was detected.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an inherent ingestion surface for indirect prompt injection as it processes untrusted spreadsheet data.
  • Ingestion points: User-provided .xlsx, .xlsm, .csv, and .tsv files processed via xlsx_reader.py and pandas.
  • Boundary markers: The skill instructions do not currently specify boundary markers or directives to ignore instructions embedded within the spreadsheet data.
  • Capability inventory: File system access (read/write) and internal command execution.
  • Sanitization: The skill relies on standard library parsing and does not mention specific natural language sanitization for cell content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 01:44 PM
Security Audit — agent-trust-hub — xlsx