Xlsx Anthropic
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
On a shared or compromised local environment, recalculating spreadsheets could cause LibreOffice to load unexpected native code.
The helper can LD_PRELOAD a native shared library from a fixed temp-file path and reuses an existing file without validating its contents or ownership. If that file is stale or planted in a shared temp directory, LibreOffice could load unintended native code.
    _SHIM_SO = Path(tempfile.gettempdir()) / "lo_socket_shim.so"
    ...
    if _SHIM_SO.exists():
        return _SHIM_SO
    ...
    env["LD_PRELOAD"] = str(shim)

Use only in a trusted/sandboxed environment until fixed. The maintainer should create the shim in a private per-run directory with restrictive permissions, refuse preexisting files, verify the compiled artifact, and avoid LD_PRELOAD when possible.
The skill may run or require local programs that are not obvious from the registry metadata, and it may fail or behave differently depending on the host environment.
The metadata does not declare runtime binaries, but SKILL.md states LibreOffice is required and the included soffice helper invokes local binaries such as soffice and gcc. This is under-declared rather than clearly malicious.
Required binaries (all must exist): none ... Install specifications: No install spec — this is an instruction-only skill.
Declare LibreOffice/soffice and any compiler dependency explicitly, or make the native shim optional and user-approved.
