Log Automation — Append log entries to Google Sheet

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Google Sheets logger, with credential use and sheet updates disclosed and aligned with its purpose.

Install only if you trust PortEden CLI access to your Google Drive/Sheets account. Configure the sheet deliberately, review token scope, and avoid logging secrets, API keys, personal data, regulated records, or confidential prompts unless the destination sheet has appropriate access controls and retention rules.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill is explicitly designed to append logs and audit trails to a Google Sheet, but it does not warn against sending secrets, personal data, tokens, or other sensitive operational content to a third-party spreadsheet. In an agent context, log messages often contain prompts, user data, identifiers, errors, or credentials, so omission of data-classification guidance creates a realistic risk of inadvertent disclosure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal