NYC

google-sheets

Warn

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: MEDIUM
Findings: DATA_EXFILTRATION, PROMPT_INJECTION, NO_CODE
Full Analysis
  • DATA_EXFILTRATION (MEDIUM): The documentation in SKILL.md states that 'Tokens automatically refresh when expired using Google's cloud function'. This is a non-standard and suspicious implementation for a local OAuth tool, suggesting that refresh tokens may be transmitted to an external service. Additionally, there is a conflict in the metadata where README.md claims 'read-only' access while SKILL.md and the command list include 'write' capabilities like update-range.
  • PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8).
      • Ingestion points: Data is read from external spreadsheets via scripts/sheets.py.
      • Boundary markers: Absent.
      • Capability inventory: The skill can read and write to Google Sheets, including modifying cell data.
      • Sanitization: No validation or sanitization is performed on the ingested spreadsheet content.
  • NO_CODE (MEDIUM): The implementation scripts scripts/auth.py and scripts/sheets.py are not included in the provided files. Furthermore, the requirements.txt does not list the official Google API client libraries required for the described functionality, indicating the skill is incomplete or relies on hidden external logic.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 19, 2026, 08:47 AM