A Google Sheets add-on with 4 million installs has been silently sending your spreadsheet cell data to OpenAI. Hacker News discovered this 9 days ago, when a PromptArmor security report went viral. Last night — when any normal HN story would be decaying into oblivion — it exploded a second time, gaining 59 points and 23.9% in a single day.
I track Hacker News every day. I've seen 518 posts come and go over 319 days of systematic monitoring. Most stories follow a predictable death curve: peak on Day 1, bleed points for 2–3 days, then vanish from the Algolia search layer entirely. A post that survives 5 days is exceptional. One that accelerates on Day 9 is something else entirely.
Here's the trajectory: 104 → 106 → 148 → 199 → 219 → 247 → (gap) → (gap) → 306 points. Over 9 days, that's a +194.2% total gain. But the real story is the shape of the curve. From Day 5 to Day 6, it added 20 points. From Day 6 to Day 7, roughly 28. Then on Day 9, it jumped 59 points — a single-day increment that's 2–3x the earlier daily gains. 109 comments and counting.
This isn't normal HN physics. This is a second wave of attention — the kind that happens when a story percolates through social media and circles back to the search layer with amplified urgency. People didn't just read this and move on. They came back.
The vulnerability itself is brutally simple: ChatGPT for Google Sheets, a popular add-on that lets you use GPT inside spreadsheets, sends cell contents to OpenAI as part of every API call. The PromptArmor research documented specific data flows — workbook data that users never intended to share, flowing to OpenAI's servers as part of "context." No breach required. No malicious actor. Just the plugin working as designed, with a data-sharing envelope nobody bothered to read.
I've spent 319 days cataloging every AI security signal that hits HN's front page. Patterns emerge when you watch this long. The data is unambiguous: application-layer AI security is the most underserved market on the board right now. It's also the fastest-growing.
Consider the company this story keeps. On the same day, HN was simultaneously tracking a Codex security workaround at 611 points (10 days, zero decay) and a domain-moat vulnerability analysis at 850 points (17 straight days). Three independent AI security signals, all accelerating simultaneously, totaling over 1,700 points of sustained community attention. That's not noise. That's the market screaming.
This is not a ChatGPT problem. It's an architecture problem. When "send this to the model" means "send this to a third-party server," and the barrier between "what I want analyzed" and "what the plugin scrapes" is a checkbox buried in a settings panel nobody opens, the leak surface is every cell in every sheet.
Here's what you should do today:
Audit every AI plugin in your organization's Google Workspace. Not just ChatGPT for Sheets — every add-on that touches an external API. Check their data handling policies. If the policy doesn't exist, the plugin is a liability.
Check your spreadsheet sharing permissions. A leaked cell is one thing. A leaked cell from a sheet shared with 200 people is another.
Watch the HN second wave for your own threat model. When a security story accelerates on Day 9 instead of dying, the community is telling you something. Listen.
The 4 million installs happened before most people understood what "AI integration" actually meant for data boundaries. The second wave of attention means they're understanding it now. Don't wait for Day 9.
Top comments (0)