google-sheets
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection via external spreadsheet data.
- Ingestion points: The skill reads cell content and visual data from Google Sheets via browser_get_text and screenshots (SKILL.md).
- Boundary markers: Absent. There are no instructions to distinguish between spreadsheet data and agent instructions.
- Capability inventory: The agent is capable of browser navigation, coordinate-based clicks, and entering text or formulas into a web application.
- Sanitization: Absent. No logic is provided to sanitize or validate content retrieved from the sheets before processing.
- [EXTERNAL_DOWNLOADS]: Navigates to well-known Google services (sheets.google.com and drive.google.com) to perform spreadsheet automation.
- [NO_CODE]: The skill consists of markdown guidelines and workflow patterns without any executable scripts or binary files.
Audit Metadata