Security audit

Google Sheets

Security checks across malware telemetry and agentic risk

Overview

This Google Sheets skill is a disclosed remote integration for reading, editing, sharing, and exporting spreadsheets, with no evidence of hidden code execution or exfiltration.

Install only if you trust AgentPMT with access to the relevant Google Sheets. Before using share, domain, anyone, owner, delete, or export actions, confirm the exact spreadsheet, recipient, role, and file-retention need.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The schema exposes a `share` action that can grant access to a spreadsheet to a user, group, domain, or `anyone`, but the skill description does not clearly disclose this capability. Hidden or under-disclosed sharing functionality is dangerous because an agent or user may invoke it without appreciating that it can exfiltrate sensitive spreadsheet contents to external parties or make data publicly accessible.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The schema documents exporting spreadsheet data to File Manager in multiple formats without warning that this copies potentially sensitive data into another storage surface. This increases the risk of unintended data exposure, retention, and downstream sharing, especially when agents handle business or personal spreadsheet content.

Missing User Warnings

High
Confidence
96% confidence
Finding
The schema describes sharing a spreadsheet with `user`, `group`, `domain`, or `anyone` and allows powerful roles up to `owner`, yet provides no warning about exposure and access escalation risks. In this skill context, spreadsheets often contain operational, customer, or reporting data, so undocumented public or domain-wide sharing can quickly lead to major confidentiality breaches.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.