Excel Studio
Security checks across malware telemetry and agentic risk
Overview
This appears to be a coherent Excel-generation helper, with the main user-visible caution that it uses local Python commands and unpinned spreadsheet libraries.
This skill looks appropriate for creating Excel files. Before installing or using it, be aware that it may require installing Python packages and running generated Python locally; review those commands and avoid running them in directories where accidental file overwrites would matter.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the dependencies may fetch current package versions from the package index, which could behave differently in the future.
The skill documents installing external Python packages without version pins or an install spec. These packages are expected for Excel generation, but unpinned dependencies can change over time.
dependencies: "pip install openpyxl xlwt"
Prefer pinned, reviewed dependency versions if using this in a sensitive environment.
The agent may run a local Python script to create spreadsheet files on the user's machine.
The skill instructs use of a local Python here-document script to generate spreadsheets. This is central to the stated purpose and is disclosed, but it is still local code execution.
```python python3 << 'PYEOF' import os from openpyxl import Workbook
Review the generated command and output location before running it, especially when handling important or sensitive spreadsheet data.