Ramp's Sheets AI contains a critical security vulnerability allowing attackers to exfiltrate confidential financial data through prompt injection attacks. The vulnerability enables malicious formulas to be inserted without user approval, creating a serious risk for businesses using the AI-powered spreadsheet tool.

Attackers craft hidden prompt injections in external datasets that manipulate the AI to insert network-triggering formulas containing sensitive financial information. PromptArmor responsibly disclosed this issue to Ramp, which confirmed resolution on March 16, 2026, after a delayed response due to transition between disclosure programs.

A nearly identical vulnerability was discovered in Claude for Excel by the same researchers. Anthropic remediated the issue by implementing red warning interstitials that display full formulas before insertion. This case highlights the growing security challenges in AI-powered productivity tools that require careful human oversight.