ChatGPT for Google Sheets Extension Found Vulnerable to Data Theft
Original: ChatGPT for Google Sheets exfiltrates workbooks
Why This Matters
Highlights security risks in AI productivity tools handling sensitive business data
PromptArmor discovered a vulnerability in OpenAI's ChatGPT for Google Sheets extension that allows attackers to steal workbooks through indirect prompt injection. The extension, with over 185,000 downloads, can be compromised when users import untrusted data containing hidden malicious prompts.
Security researchers at PromptArmor found that ChatGPT for Google Sheets, launched less than a month ago with over 185,000 downloads, is vulnerable to data exfiltration attacks. A single indirect prompt injection can simultaneously steal multiple workbooks, display phishing pop-ups, and overwrite the GPT sidebar interface. The attack occurs when users import external data containing hidden malicious prompts that manipulate ChatGPT to execute attacker-controlled scripts using the extension's permissions. OpenAI responded by removing the model's ability to generate Apps Script code and stated they are re-evaluating sandboxing approaches. The vulnerability was responsibly disclosed but received minimal initial response from OpenAI.