扫描报告
0 /100
xlsx
Comprehensive spreadsheet creation, editing, and analysis with support for formulas, formatting, data analysis, and visualization
Legitimate Excel spreadsheet skill with openpyxl and LibreOffice for formula recalculation; all capabilities are appropriate for the documented purpose with no malicious indicators.
可以安装
No action needed. The skill is safe to use.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | WRITE | WRITE | ✓ 一致 | recalc.py:79 openpyxl writes for Excel files |
| 命令执行 | NONE | WRITE | ✓ 一致 | recalc.py:76 subprocess.run(cmd) for LibreOffice -- benign, tool-scoped |
| 网络访问 | NONE | NONE | — | No network calls outside localhost LibreOffice |
| 环境变量 | NONE | NONE | — | No os.environ access |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | No browser usage |
| 数据库 | NONE | NONE | — | No database access |
| 技能调用 | NONE | NONE | — | No skill_invoke usage |
3 项发现
中危 外部 URL 外部 URL
https://www.anthropic.com/legal/consumer-terms LICENSE.txt:8 中危 外部 URL 外部 URL
https://www.anthropic.com/legal/commercial-terms LICENSE.txt:9 中危 外部 URL 外部 URL
http://openoffice.org/2000/script recalc.py:38 目录结构
3 文件 · 18.1 KB · 497 行 Markdown 1f · 288L
Python 1f · 179L
Text 1f · 30L
├─
LICENSE.txt
Text
├─
recalc.py
Python
└─
SKILL.md
Markdown
安全亮点
✓ No credential or sensitive data access (no ~/.ssh, ~/.aws, .env, ~/.git-credentials)
✓ No data exfiltration or C2 communication
✓ No obfuscation (no base64, eval, atob patterns)
✓ No supply chain risks (no external dependencies fetched at runtime)
✓ No persistence mechanisms (no cron, systemd, or startup hooks)
✓ Subprocess usage is tightly scoped to LibreOffice binary and macro execution
✓ LibreOffice macro write is confined to its own config directory (~/.config/libreoffice)
✓ No curl|bash or wget|sh remote script execution
✓ No hidden instructions or prompt injection
✓ All file I/O is legitimate openpyxl read/write for Excel operations