Security audit

Google Sheets API

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Google Sheets automation skill, but it can read and change spreadsheets shared with its service account.

Install only if you are comfortable giving it a Google service-account key. Use a dedicated service account, share only the specific spreadsheets needed, keep the key private, prefer read-only workflows when possible, and manually review any clear, deleteSheet, write, batchWrite, or raw batch command before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 84%
Finding: The skill documentation describes capabilities that rely on environment variables and outbound network access, but it does not declare permissions or provide explicit capability boundaries. In an agent ecosystem, this mismatch can cause operators to grant or inherit broader access than expected, reducing transparency and increasing the chance of unintended credential use or remote data access.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding: The skill advertises write, append, clear, deleteSheet, renameSheet, merge, batchWrite, and raw batch operations without a prominent warning that these actions can irreversibly modify or destroy spreadsheet data. In an automated agent context, this increases the risk of accidental destructive actions because users may treat the commands as routine data access rather than privileged mutation operations.

VirusTotal

62/62 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.