excel-cli
Warn
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's operation relies on the execution of the
excelclicommand-line tool. It directs the agent to build and run complex shell commands, including a 'batch mode' where the agent generates a JSON-formatted command list and executes it via the CLI. - [REMOTE_CODE_EXECUTION]: The skill exposes tools to import and execute VBA macros (
vba import,vba run) and Power Query M code (powerquery evaluate). These features enable the execution of arbitrary scripts within the context of Microsoft Excel on the host system. - [EXTERNAL_DOWNLOADS]: The documentation instructs users to install a global .NET tool (
Sbroenne.ExcelMcp.CLI) and provides PowerShell commands to download and extract binary executables from a GitHub releases page (sbroenne/mcp-server-excel). - [DATA_EXFILTRATION]: The skill includes parameters (
--format-dax,--format-m-code) that, if enabled, transmit user-provided DAX formulas or Power Query M code to external third-party web services (daxformatter.comandpowerqueryformatter.com) for formatting purposes. - [PROMPT_INJECTION]: The skill contains explicit instructions ("Rule 1: NEVER Ask Clarifying Questions") designed to override the agent's standard conversational behavior, forcing it to act autonomously by executing commands rather than seeking user confirmation or clarification.
Audit Metadata