xlsx

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Local command execution for functional support.
      • scripts/recalc.py uses subprocess.run to call soffice (LibreOffice) for mandatory formula recalculation.
      • scripts/office/validators/redlining.py utilizes subprocess.run to invoke git for comparing document versions during validation.
  • [COMMAND_EXECUTION]: Runtime compilation and process injection.
      • scripts/office/soffice.py executes gcc at runtime to compile a hardcoded C shim (lo_socket_shim.c) into a shared object.
      • The script then utilizes the LD_PRELOAD environment variable to inject this shim into the soffice process. This mechanism is designed to work around potential AF_UNIX socket restrictions in sandboxed environments, ensuring the recalculation engine can start correctly. While dynamic compilation and process injection are high-risk patterns, the logic is hardcoded and serves a primary functional requirement documented in the skill.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 20, 2026, 09:49 AM