wecom-smartsheet-data
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests data from external smartsheets which could contain malicious instructions.
- Ingestion points: Data is retrieved from external sheets using the
smartsheet_get_recordsfunction as described inSKILL.mdandreferences/api-get-records.md. - Boundary markers: There are no instructions or delimiters defined to separate untrusted data from the agent's system instructions or to ignore embedded commands.
- Capability inventory: The skill possesses powerful capabilities to modify or delete data via
smartsheet_add_records,smartsheet_update_records, andsmartsheet_delete_records. - Sanitization: The documentation does not specify any sanitization or validation of the text content retrieved from cells before it is processed by the agent.
- [COMMAND_EXECUTION]: The skill functions by executing system commands through the
wecom_mcpCLI tool. This allows the agent to perform administrative document operations based on natural language inputs.
Audit Metadata