NYC

google-sheets

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill issues API calls to Google Sheets (e.g., "Read Cell Values", "Read Entire Sheet", and the "Read with API Key (Public Sheets)" examples) to fetch spreadsheet contents, which can be arbitrary user-generated or public data and would be read/interpreted by the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 15, 2026, 08:26 PM