Back to skill

Security audit

Sheetsmith

Security checks across malware telemetry and agentic risk

Overview

Sheetsmith appears to be a spreadsheet-processing skill whose file reads and writes are expected for its purpose, with no evidence of hidden persistence or data theft.

Install this if you want an agent to manipulate local spreadsheets, but keep backups of important files, prefer writing to a new output path before using in-place mode, and only allow sharing results externally when you explicitly ask for it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill advertises and instructs use of a Python CLI that can write files (`--output`, `--inplace`) and invoke shell/Python execution paths, yet the skill metadata shown here declares no corresponding permissions. That mismatch is a real security issue because agents or reviewers may treat the skill as lower-risk than it is, while it can modify user data and operate on arbitrary filesystem paths.

VirusTotal

53/53 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dynamic_code_execution

Dynamic code execution detected.

Critical
Code
suspicious.dynamic_code_execution
Location
scripts/sheetsmith.py:123