excel-toolkit

Security checks across malware telemetry and agentic risk

Overview

This skill is a local Excel workbook helper whose file-reading and file-writing behavior matches its stated spreadsheet purpose, with dependency hygiene and documentation clarity caveats.

Install in an isolated Python environment and pin current patched versions of openpyxl and pandas where possible. Use backups or save to new output files before deleting sheets, merging workbooks, or processing spreadsheets from untrusted sources.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (5)

Description-Behavior Mismatch

Medium

Confidence: 91% confidence
Finding: The README for an Excel-focused skill advertises unrelated capabilities such as workflow execution, database operations, chart generation, and Feishu Sheets integration. In an agent skill context, this can mislead orchestration or users into invoking broader functionality than declared, increasing the attack surface and creating opportunities for unauthorized data access or unintended tool routing.

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The README prominently documents destructive and persistent operations such as writing cells, deleting sheets, saving files, converting formats, and merging workbooks without warning about overwriting or modifying user data. In an agent setting, this raises the risk of unsafe autonomous file edits because users and higher-level systems are not prompted to use backups, confirmation steps, or output-to-new-file defaults.

Unpinned Dependencies

Low

Category: Supply Chain
Content: openpyxl pandas
Confidence: 94% confidence
Finding: openpyxl

Unpinned Dependencies

Low

Category: Supply Chain
Content: openpyxl pandas
Confidence: 94% confidence
Finding: pandas

Known Vulnerable Dependency: openpyxl — 2 advisory(ies): CVE-2017-5992 (Improper Restriction of XML External Entity Reference in Openpyxl); CVE-2017-5992 (Openpyxl 2.4.1 resolves external entities by default, which allows remote attack)

High

Category: Supply Chain
Confidence: 83% confidence
Finding: openpyxl

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal