Google Sheets via gog
Security checks across malware telemetry and agentic risk
Overview
This skill appears to do what it says for Google Sheets, but it unnecessarily requires users to store a login and password-style secret even though its documented workflow uses local OAuth.
Review before installing. Use it only if you are comfortable letting gog access and modify your Google Sheets, and avoid placing a real Google password or app-specific secret in OpenClaw config unless the publisher clearly explains why it is required. Verify the spreadsheet ID, tab, range, and operation before approving any write, delete, or broad formatting action.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
62/62 vendors flagged this skill as clean.