shareSpreadsheet

ServerMcp Google Sheets
CategoryWrite

WHAT IT DOES

What shareSpreadsheet does on Mcp Google Sheets

AI agents use shareSpreadsheet to create or update resources in Mcp Google Sheets — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Mcp Google Sheets environment.

THE RISK

Medium Risk

Why shareSpreadsheet needs a policy

shareSpreadsheet modifies access control and permissions on a spreadsheet by granting roles to recipients. This is a Write operation because permission changes are reversible (access can be removed later). It is not Destructive because no data is deleted or permanently lost.

From the tool's definition The tool 'shares the provided spreadsheet to the recipients' and 'sends a notification email to the users', which are reversible modifications (sharing permissions can be revoked, emails sent but are informational).

Documented attack patterns abuse exactly the kind of access shareSpreadsheet gives an agent:

POLICY

How to control shareSpreadsheet

PolicyLayer is an MCP gateway — it sits between your AI agents and Mcp Google Sheets, and nothing reaches the server without passing your rules. This is the rule we recommend for shareSpreadsheet:

policy.json

{
  "version": "1",
  "default": "deny",
  "tools": {
    "shareSpreadsheet": {
      "limits": [
        {
          "counter": "sharespreadsheet_rate",
          "window": "minute",
          "max": 30,
          "scope": "grant"
        }
      ]
    }
  }
}

shareSpreadsheet stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.

Create a free account and register Mcp Google Sheets — nothing to install.
Add this policy — paste it, or build it visually.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

LIMIT THIS TOOL →

Free to start. No card required.

EXPLORE

Related tools and policies

More Mcp Google Sheets tools

Write addColumns Adds the specified number of columns to the specified sheet. Accepts spreadsheetId, sheetn Write addRows Adds the specified number of rows to the specified sheet. Accepts spreadsheetId, sheetname Write batchUpdate Updates a range of values using the batchUpdate function of google sheets. The ranges are Write copySheet Copies the contents of the source sheet to destination sheet. Accepts srcSpreadsheet, srcS Write create Creates a spreadsheet by taking the new sheet Write createSheet Creates a new sheet in the spreadsheet provided as an argument. Accepts spreadsheet id and Write renameSheet Renames the provided sheet. Accepts spreadsheet id, old name and new name of the sheet as Write updateCells Updates the values present in the cells specified in the given range for the provided shee

All 13 Mcp Google Sheets tools →

Write tools on other servers

M-Team MCP Server download_torrent YouTube MCP Server generate_video_title Android Forensics ADB MCP Server combine_reports 0xarchive web3_signup

Go deeper

The MCP Attack Database → Documented attack patterns against MCP deployments — and the policies that stop them.
Argument validation → Checking tool call arguments against schema and policy before they run.
Scoped token → Per-person credentials that grant a defined subset of servers and tools.
Rate Limiting MCP Tool Calls: A Practical Guide →
MCP Security: Why Prompt Guardrails Aren't Enough →

FAQ

Questions about shareSpreadsheet

What does the shareSpreadsheet tool do? +

Shares the provided spreadsheet to the recipients provided as an argument. Accepts recipients as an array of objects in the form of {email_address, role}. Also, sends a notification email to the users informing them about the access granted to them. It is categorised as a Write tool in the Mcp Google Sheets MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on shareSpreadsheet? +

Register the Mcp Google Sheets MCP server in PolicyLayer and add a rule for shareSpreadsheet: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mcp Google Sheets. Nothing to install.

What risk level is shareSpreadsheet? +

shareSpreadsheet is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit shareSpreadsheet? +

Yes. Add a rate_limit block to the shareSpreadsheet rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block shareSpreadsheet completely? +

Set action: deny in the PolicyLayer policy for shareSpreadsheet. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides shareSpreadsheet? +

shareSpreadsheet is provided by the Mcp Google Sheets MCP server (rohans2/mcp-google-sheets). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Mcp Google Sheets tool call.

Start from Mcp Google Sheets, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

13 Mcp Google Sheets tools catalogued and risk-classified — across an index of 43,000+ MCP servers.