excel-cli
Warn
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: MEDIUM | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | REMOTE_CODE_EXECUTION | DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires a custom CLI tool (excelcli) to be executed via the host's shell to perform Excel operations. Evidence: SKILL.md and references/cli-commands.md.
- [EXTERNAL_DOWNLOADS]: The skill points users to download the CLI tool from the author's GitHub repository (github.com/sbroenne/mcp-server-excel) and the NuGet registry (Sbroenne.ExcelMcp.CLI). Evidence: README.md.
- [REMOTE_CODE_EXECUTION]: The skill exposes command groups (vba, powerquery) that allow the agent to import and run arbitrary VBA procedures and evaluate Power Query M code. Evidence: references/cli-commands.md. These features enable arbitrary code execution within the Microsoft Excel process context.
- [DATA_EXFILTRATION]: The skill includes capabilities to read cell values (range get-values) and capture screenshots of worksheets (screenshot capture), allowing for the extraction of data from processed workbooks. Evidence: references/cli-commands.md.
- [REMOTE_CODE_EXECUTION]: Indirect Prompt Injection Surface. Ingestion points: Excel workbooks, CSV/JSON data files (via --values-file, --rows-file), and batch input files (--input commands.json). Boundary markers: Absent. Capability inventory: Shell command execution (excelcli), VBA execution (vba run), and Power Query evaluation (powerquery evaluate). Sanitization: Absent; input strings are passed directly to the CLI tool.
Audit Metadata