Xlsx Anthropic

The skill bundle contains highly irregular and high-risk behaviors, specifically the on-the-fly compilation of a C-based shim and the use of LD_PRELOAD to intercept system calls (socket, listen, accept) to bypass sandbox restrictions (scripts/office/soffice.py). Additionally, it performs application-level modification by writing a StarBasic macro to the user's LibreOffice configuration directory to facilitate formula recalculation (scripts/recalc.py). While these actions are functionally justified within the documentation to enable LibreOffice in restricted environments, the combination of dynamic code execution, system call shimming, and configuration persistence represents a significant attack surface and behavior typically associated with evasion or advanced persistence.