xlsx-code-mode

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the witan CLI tool to perform workbook operations, including rendering and calculations. There is an inherent risk of command injection if workbook file names or paths are not properly sanitized before being passed to the CLI.
  • [REMOTE_CODE_EXECUTION]: The skill employs a code-generation approach where the agent writes JavaScript scripts to be executed in a sandboxed environment on the remote Witan API server.
  • [DATA_EXFILTRATION]: Local Excel workbook data, including cell values and metadata, are sent to the Witan API for processing. This behavior is documented and aligns with the tool's cloud-based execution model.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) because it reads and processes potentially untrusted content from spreadsheet cells.
      • Ingestion points: Data read from workbook cells and sheets through functions such as xlsx.readCell, xlsx.readRange, and xlsx.readRangeTsv in SKILL.md.
      • Boundary markers: Absent.
      • Capability inventory: Includes shell command execution via the witan CLI, file system writes via the --save and --output flags, and network communication with the Witan API.
      • Sanitization: Absent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 11, 2026, 07:24 PM