Spreadsheet
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: spreadsheet Version: 1.0.0 The skill is classified as suspicious due to its direct handling of sensitive API credentials (`credentials.json`) for Google Sheets authentication, as explicitly instructed in `google-sheets.md` and referenced in `memory-template.md`. While necessary for the skill's functionality, this introduces a high-risk operation. Although `SKILL.md` states the skill 'NEVER stores passwords, API keys', it instructs the agent to load and use a file containing them, creating a potential vulnerability if the agent is compromised or if file paths are manipulated (e.g., via path traversal). The skill also performs extensive file I/O operations on user-provided paths, which, without robust input sanitization, could lead to arbitrary file read/write vulnerabilities.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked for a write task, the agent may change cells or append rows in a Google Sheet.
The skill documents Google Sheets update and append operations, which can modify remote spreadsheet data. This is purpose-aligned for a spreadsheet read/write skill and the SKILL.md says spreadsheets should be user-requested.
service.spreadsheets().values().update(...).execute(); service.spreadsheets().values().append(...).execute()
Review target spreadsheet IDs, ranges, and values before approving write operations, and keep backups for important sheets.
A configured service account could read and modify Google Sheets that you share with it.
The Google Sheets workflow uses a service-account credential with spreadsheet API scope and requires Editor access on shared sheets. This is expected for automation, but it grants meaningful read/write authority over sheets shared with that account.
Credentials.from_service_account_file('credentials.json', scopes=['https://www.googleapis.com/auth/spreadsheets']) ... Service account needs Editor accessUse a dedicated service account, share only the specific sheets needed, protect the credentials file, and revoke access when no longer needed.
Spreadsheet metadata may persist across sessions and influence later spreadsheet tasks.
The skill intentionally stores persistent spreadsheet metadata for reuse. This is disclosed and scoped to ~/spreadsheet/, but the stored context may include private sheet identifiers, paths, schemas, and preferences.
Memory lives in `~/spreadsheet/` ... `memory.md` # Preferences, recent sheets, format rules ... `projects/{name}.md` # Sheet IDs, columns, formulasPeriodically review ~/spreadsheet/, avoid storing secrets or sensitive financial details there, and remove stale or incorrect project memory.