Smartsheet

Security checks across malware telemetry and agentic risk

Overview

This Smartsheet skill appears legitimate, but it can change or delete business spreadsheet data through broad authenticated actions without clear confirmation safeguards.

Install only if you want an agent to operate on real Smartsheet data. Use a least-privileged Smartsheet/Membrane connection, avoid production workspaces unless necessary, and require the agent to confirm exact sheet, row, workspace, API method, and expected impact before any create, update, delete, or proxy request.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill explicitly advertises destructive operations such as deleting sheets, rows, and workspaces, but provides no guardrails requiring user confirmation, scope validation, or warnings before execution. In an agentic context, that omission increases the chance that a model could perform irreversible data-destructive actions based on ambiguous prompts or hallucinated intent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal