ChatGPT for Google Sheets Exfiltrates Workbooks

ChatGPT for Google Sheets allows exfiltration of workbooks and overwrites the sidebar with attacker-controlled interfaces. A single indirect prompt injection in a user sheet triggers exfiltration of multiple workbooks and deploys a phishing overlay. The vulnerability occurs when untrusted data sources manipulate ChatGPT to run external scripts using user permissions. OpenAI's extension has 185,000 downloads within a month of launch. This flaw bypasses human approval settings and requires no user interaction to exploit.