This paper exposes critical security vulnerabilities in third-party plugin permission management within team workspaces: under multi-user collaboration and cross-application integration scenarios, plugins can bypass administrator-configured permission isolation mechanisms, leading to privilege escalation and unauthorized access. To address this, the authors systematically identify— for the first time—three prevalent classes of plugin-induced privilege escalation vulnerabilities and propose TAI, the first automated testing framework tailored for team workspace ecosystems. TAI integrates dynamic permission path analysis, cross-application interaction modeling, test case generation, and vulnerability validation. Empirical evaluation across mainstream collaboration platforms uncovers 41 reproducible instances of permission boundary violations, demonstrating the widespread prevalence of such flaws. The study thus provides both theoretical foundations and practical tooling to strengthen collaborative permission governance for platform vendors and developers.

Nowadays team workspaces are widely adopted for multi-user collaboration and digital resource management. To further broaden real-world applications, mainstream team workspaces platforms, such as Google Workspace and Microsoft OneDrive, allow third-party applications (referred to as add-ons) to be integrated into their workspaces, significantly extending the functionality of team workspaces. The powerful multi-user collaboration capabilities and integration of add-ons make team workspaces a central hub for managing shared resources and protecting them against unauthorized access. Due to the collaboration features of team workspaces, add-ons involved in collaborations may bypass the permission isolation enforced by the administrator, unlike in single-user permission management. This paper aims to investigate the permission management landscape of team workspaces add-ons. To this end, we perform an in-depth analysis of the enforced access control mechanism inherent in this ecosystem, considering both multi-user and cross-app features. We identify three potential security risks that can be exploited to cause permission escalation. We then systematically reveal the landscape of permission escalation risks in the current ecosystem. Specifically, we propose an automated tool, TAI, to systematically test all possible interactions within this ecosystem. Our evaluation reveals that permission escalation vulnerabilities are widespread in this ecosystem, with 41 interactions identified as problematic. Our findings should raise an alert to both the team workspaces platforms and third-party developers.