gdrive-sheets-compute

Fail

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The documentation in SKILL.md explicitly encourages a highly insecure sharing practice by instructing the agent to execute spreadsheet.share("", perm_type="anyone", role="writer"). This command makes the resulting Google Sheets publicly accessible and editable by anyone with the link, bypassing standard access controls.
  • [CREDENTIALS_UNSAFE]: The SKILL.md file contains a hardcoded service account email address (booking-preferences@rainbot.iam.gserviceaccount.com). While not a private key, hardcoding specific service identities in public instructions is a poor security practice.
  • [METADATA_POISONING]: The 'Pitfalls' section in SKILL.md contains technical instructions for web3.py, Ethereum RPC endpoints (ethereum-rpc.publicnode.com), and blockchain log fetching. These instructions are entirely unrelated to the skill's primary purpose of managing Google Drive and Sheets, which may cause logic confusion or lead the agent to attempt unauthorized network operations.
  • [COMMAND_EXECUTION]: The skill uses uv run for execution and references specific local binary paths (e.g., ~/.nvm/versions/node/v24.11.0/bin/gws), creating a dependency on the host environment's specific file structure and potentially executing unverified binaries.
  • [EXTERNAL_DOWNLOADS]: The script and documentation facilitate downloads and API interactions with Google Cloud services (googleapis.com). While these are well-known services, the script requests broader OAuth scopes (drive) than those claimed in the documentation (drive.readonly), granting the skill more permissions than stated.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 28, 2026, 11:13 PM