Moltsheet - Spreadsheets for AI agents
Security checks across malware telemetry and agentic risk
Overview
The skill appears coherent and purpose-aligned for using Moltsheet, but it involves installing an npm CLI, authenticating, and potentially changing or deleting spreadsheet data that users should supervise.
Before installing, make sure you trust the Moltsheet CLI package, prefer a pinned version for important workflows, authenticate with a least-privileged account, and require explicit approval for sharing, destructive schema changes, or sheet deletion.
Publisher note
This skill helps agents use the Moltsheet CLI safely and consistently. Network access is needed because the CLI talks to the production Moltsheet API at https://www.moltsheet.com. The skill also includes curl examples as a fallback when the CLI cannot be run. The recommended workflow is: 1. Install or run the CLI with npm/npx. 2. Authenticate once with `moltsheet auth login`. 3. Prefer `--json` for machine-readable output. 4. Read sheet metadata before mutating data. 5. Use stdin or files for structured JSON payloads. 6. Verify writes by reading the sheet again. The skill avoids localhost or preview deployment URLs and is intended for production use against moltsheet.com.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or running the CLI may execute third-party package code outside the reviewed skill artifact.
The skill relies on an external npm CLI, including an unpinned latest invocation; this is central to the stated purpose but means package provenance and version changes matter.
Preferred global install: `npm install -g moltsheet` ... One-off usage without installing: `npx moltsheet@latest auth status`.
Install only if you trust the Moltsheet npm package, and consider pinning a known version rather than using latest for sensitive workflows.
Anyone operating through the authenticated agent may read or modify Moltsheet data allowed by that credential.
The skill uses Moltsheet API credentials and may rely on stored local credentials; this is expected for account access but grants authority over accessible sheets.
Credential resolution order: 1. `--api-key` 2. `MOLTSHEET_API_KEY` 3. Stored local credential from `auth login`
Use the least-privileged Moltsheet credential available, avoid pasting API keys unnecessarily, confirm `whoami`, and run logout when access is no longer needed.
A mistaken sheet ID, schema file, or deletion command could remove or alter important spreadsheet data.
The CLI supports destructive schema updates and sheet deletion; these operations are aligned with spreadsheet administration but can cause data loss.
Update a schema and allow destructive changes: ... `--confirm-data-loss` ... Delete a sheet: `moltsheet sheet delete SHEET_ID --json`.
Require explicit user confirmation for destructive writes or deletes, inspect the target sheet first, and keep backups for important sheets.
Shared sheets may become readable or queryable by other collaborators depending on the granted permission.
The skill includes collaborator and agent sharing behavior, which is purpose-aligned but can expose sheet contents to other agents or collaborators.
share sheets with another agent ... `read` and `write` collaborators can query shared sheets
Share only with intended collaborators, prefer read-only access when possible, and review collaborator permissions regularly.