From 5b0b12c1f9e417082a7a14d1f9aa429cb5dc9f8c Mon Sep 17 00:00:00 2001 From: Geronimo Bergk Date: Sun, 16 Feb 2025 10:55:42 +0100 Subject: [PATCH 1/2] DOC: Add security note for Excel export with formula cells --- pandas/core/generic.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pandas/core/generic.py b/pandas/core/generic.py index 874ab1a3c944d..292f51f476aeb 100644 --- a/pandas/core/generic.py +++ b/pandas/core/generic.py @@ -2252,6 +2252,12 @@ def to_excel( and cell character count does not exceed Excel's limitations. All other limitations must be checked by the user. + Excel treats any cell starting with `=` as a formula, which can pose security + risks. To store such content as plain text, prepend an apostrophe (`'`), e.g., + change `"=foobar"` to `"'=foobar"`. For `xlsxwriter`, you can use + `engine_kwargs={"options": {"strings_to_formulas": False}}` to disable formula + interpretation without prepending an apostrophe. + Examples -------- From e7476d3fb6b396ffab4eea5555a9f7bce1ab2e64 Mon Sep 17 00:00:00 2001 From: Geronimo Bergk Date: Fri, 21 Feb 2025 15:52:21 +0100 Subject: [PATCH 2/2] more descriptive note on excel formula treatment --- pandas/core/generic.py | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/pandas/core/generic.py b/pandas/core/generic.py index 292f51f476aeb..7f5ba1f71db7e 100644 --- a/pandas/core/generic.py +++ b/pandas/core/generic.py 
@@ -2252,11 +2252,17 @@ def to_excel( and cell character count does not exceed Excel's limitations. All other limitations must be checked by the user. - Excel treats any cell starting with `=` as a formula, which can pose security - risks. To store such content as plain text, prepend an apostrophe (`'`), e.g., - change `"=foobar"` to `"'=foobar"`. For `xlsxwriter`, you can use - `engine_kwargs={"options": {"strings_to_formulas": False}}` to disable formula - interpretation without prepending an apostrophe. + Excel treats any cell starting with ``=`` as a formula, which can pose security + risks. To store such content as plain text, you can either: + + * Prepend an apostrophe to the value, e.g. ``"'=foobar"`` + * For ``xlsxwriter``, disable formula interpretation: + + .. code-block:: python + + df.to_excel( + "path.xlsx", engine_kwargs={"options": {"strings_to_formulas": False}} + ) Examples --------
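Review bot: The ``xlsxwriter`` snippet in the new ``.. code-block::`` does not pin the engine, so ``engine_kwargs={"options": ...}`` goes to whichever writer pandas picks by default, and if that happens to be openpyxl the ``options`` keyword would presumably be rejected by its workbook constructor rather than quietly disabling formulas; adding `engine="xlsxwriter",` to the ``df.to_excel(`` call keeps the example correct regardless of which engines are installed. The apostrophe bullet also needs a caveat: a leading ``'`` written through the engine is, as far as the file format is concerned, just part of the string and will show in the cell (it is not the same as Excel's quote-prefix entered in the UI), so something like `* Prepend an apostrophe to the value, e.g. ``"'=foobar"`` (the apostrophe remains visible in the cell)` would set expectations correctly. Since the paragraph is a security caution about untrusted data ending up as executable formulas, rendering it as a ``.. warning::`` directive instead of a plain paragraph would make it stand out in the rendered API docs. The enclosing ``to_excel`` docstring starts and ends outside the hunk.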