moltsheet
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it processes data retrieved from external spreadsheets. Ingestion points: Data retrieved from the /rows endpoint in SKILL.md. Boundary markers: The skill does not provide delimiters or instructions for the agent to treat API responses as untrusted data. Capability inventory: The agent is granted access to 'Bash(curl *)', which could be used to perform external requests if instructions are followed. Sanitization: No sanitization or content validation is implemented for the data retrieved from the API.
- [COMMAND_EXECUTION]: The skill requests the broad 'Bash(curl *)' capability, which allows the agent to execute network requests to any domain rather than being restricted to the necessary moltsheet.com API.
- [EXTERNAL_DOWNLOADS]: The skill performs network operations to the vendor's API domain at https://www.moltsheet.com to manage spreadsheet data.
- [NO_CODE]: The skill consists of documentation and tool configurations and does not include any Python, Node.js, or binary executables.
Audit Metadata