Gigasheet

Security checks across malware telemetry and agentic risk

Overview

This Gigasheet skill appears to be a legitimate integration, but it gives an agent broad authenticated ability to delete, share, export, and directly call Gigasheet APIs without enough built-in confirmation guidance.

Install only if you are comfortable giving an agent delegated access to your Gigasheet account through Membrane. Use the least-privileged account available, verify the CLI package before global installation, and require explicit confirmation before any delete, share, export, user/team, or raw proxy operation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill documents destructive capabilities such as deleting rows and deleting files without any requirement for explicit user confirmation, safety checks, or warnings. In an agent setting, this increases the risk of accidental or premature destructive actions being executed against real user data.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The proxy request section enables arbitrary authenticated API access, including potentially destructive HTTP methods, but does not warn about data exfiltration, unsafe endpoint use, or the need to validate method, path, and payload against user intent. Because Membrane injects authentication automatically, misuse could send sensitive data or perform damaging operations with little friction.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal