
Cellbreak: Grist’s Pyodide Sandbox Escape and the Data-at-Risk Blast Radius

ID: ce5accb2-4572-5b4c-8690-3f91f8386f01

STIX ID: report--ce5accb2-4572-5b4c-8690-3f91f8386f01

Feed Name: Cyera Research Labs

Threat Score: 78/100

Date Published: 2026-01-26

Date Updated: 2026-04-27


**Executive Summary:** Cyera Research Labs discovered a critical Pyodide sandbox escape in Grist-Core that allows malicious spreadsheet formulas to achieve remote code execution (CVSS 9.1). Multiple reliable paths exist: builtins traversal to `os.system`, `ctypes.CDLL(None).system`, and `emscripten_run_script_string`. Grist released a patch (Grist 1.7.9) that runs Pyodide under Deno by default, but the risk persists if operators bypass Deno (`GRIST_PYODIDE_SKIP_DENO=1`).
