Back to skill

Security audit

Google Sheets API

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Google Sheets automation skill that can use a service-account key to read and change spreadsheets the service account can access.

Install only if you are comfortable giving the skill access to a Google service-account key. Use a dedicated least-privilege service account, share only the needed spreadsheets, keep the key out of the repository, and review any write, clear, deleteSheet, batchWrite, or raw batch command before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill clearly relies on environment variables and outbound network access to Google APIs, yet no declared permissions are documented. Undeclared capabilities reduce transparency and can bypass least-privilege review, making it easier for an agent to access secrets and exfiltrate or modify remote data without explicit operator awareness.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The documentation advertises write, clear, deleteSheet, renameSheet, batchWrite, and raw batch update operations without prominent warnings that they can irreversibly change or destroy spreadsheet data. In an agent setting, this increases the risk of accidental destructive actions because users may invoke powerful commands without understanding their effects.

Credential Access

High
Category
Privilege Escalation
Content
- `GOOGLE_SERVICE_ACCOUNT_KEY` (file path)
- `GOOGLE_SHEETS_KEY_FILE` (file path)
- `GOOGLE_APPLICATION_CREDENTIALS` (file path)
- `./service-account.json`, `./credentials.json`, `./google-service-account.json`
- `~/.config/google-sheets/credentials.json`

## Input conventions
Confidence
91% confidence
Finding
credentials.json

Credential Access

High
Category
Privilege Escalation
Content
- `GOOGLE_SHEETS_KEY_FILE` (file path)
- `GOOGLE_APPLICATION_CREDENTIALS` (file path)
- `./service-account.json`, `./credentials.json`, `./google-service-account.json`
- `~/.config/google-sheets/credentials.json`

## Input conventions
- JSON values can be inline or loaded from file using `@path`.
Confidence
91% confidence
Finding
credentials.json

Unpinned Dependencies

Low
Category
Supply Chain
Content
"help": "node scripts/sheets-cli.js help"
  },
  "dependencies": {
    "googleapis": "^140.0.0"
  }
}
Confidence
94% confidence
Finding
"googleapis": "^140.0.0"

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.