Excel Workflow
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: excel-workflow
Version: 1.0.0
The skill is classified as suspicious due to its reliance on high-privilege operations and potential for command injection vulnerabilities. It requires `rclone` with 'Full access' to Google Drive, which, while necessary for its stated purpose of syncing Excel files, grants broad permissions. The `SKILL.md` demonstrates the AI agent executing CLI commands (`excel-workflow process`, `query`, `update`) with user-controlled input (file paths, query strings, JSON data). Although the skill's instructions themselves do not contain malicious prompt injection, this pattern exposes a significant vulnerability surface for command injection if the agent or the underlying `excel-workflow` tool does not rigorously sanitize user inputs before execution.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Granting full Drive access means the configured tool could potentially read or modify much more than the intended Excel backup folder.
The documented workflow only targets `gdrive:Excel/`, but the setup asks for full Google Drive access through rclone.
Follow prompts:
- Name: `gdrive`
- Storage: `drive` (Google Drive)
- Scope: `1` (Full access)
Use the least-privileged rclone/Google Drive scope possible, preferably a dedicated Drive folder or account, and do not grant full Drive access unless you trust the implementation.
Users would need to obtain or rely on unreviewed helper tools before the workflow can perform high-impact file and Google Drive operations.
The skill documentation depends on local executables for processing, updating, and Drive sync, but those executable components are not supplied or provenance-backed in the reviewed artifacts.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill. No code files present — this is an instruction-only skill.
Install only from a verified source, inspect the helper scripts before use, and prefer a package that includes reviewed code, pinned dependencies, and a real homepage or repository.
A mistaken interpretation of a user request could alter important spreadsheet data or formulas.
The update workflow is purpose-aligned, but it gives the agent a path to modify spreadsheet cells and then re-upload the changed file.
excel-workflow update '{"C2": 100, "C3": 200}' [--file filename.xlsx] ... "message": "✅ Updated and re-uploaded to Google Drive"
Review proposed cell changes before running updates, keep backups, and avoid broad mass updates unless the target range is clear.
Uploaded spreadsheets may contain financial, business, or personal data that will be stored in the connected Google Drive account.
The Google Drive upload is clearly disclosed and purpose-aligned, but it moves spreadsheet content to an external provider.
The workflow automatically:
1. Analyzes file structure (sheets, formulas)
2. Uploads to Google Drive (`gdrive:Excel/`)
3. Saves metadata to SQLite tracker
Only process spreadsheets you are comfortable storing in Google Drive, and use a dedicated folder or account for sensitive workflows.
Local history may reveal spreadsheet names, file paths, formulas, and usage timestamps after the original task is complete.
The skill stores spreadsheet metadata and formulas in a persistent local tracker for later listing and querying.
SQLite database at `~/.openclaw/excel_tracker.db` ... Tracks: filename, sheets, formulas, paths, timestamps
Check or delete the tracker database when needed, and avoid processing highly sensitive files unless this persistence is acceptable.
