google-sheets

[Skill Scanner] Natural language instruction to download and install from URL detected All findings: [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] No direct malware or obfuscated malicious code found in this skill documentation. The skill's behavior is consistent with a managed Google Sheets gateway: it requires a MATON_API_KEY and routes API and OAuth flows through Maton's domains (gateway.maton.ai, ctrl.maton.ai, connect.maton.ai). This is an architectural trust decision — not inherently malicious but increases the attack surface because Maton handles OAuth tokens and spreadsheet data. If you do not trust Maton or require direct control of credentials and OAuth tokens, do not use this gateway; otherwise the skill appears functionally coherent with its stated purpose. LLM verification: No overt malware or obfuscated malicious code found in the provided documentation. Primary security concern is architectural: all Google Sheets access and OAuth flows are routed through Maton-managed endpoints, making Maton a single point of custody for OAuth tokens and spreadsheet data. This raises a moderate supply-chain/privacy risk (possible data exposure, token theft, or misuse) unless Maton’s security practices, OAuth scopes, token handling, and data retention policies are independently ve