zoho-crm-automation
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill requires the user to configure a third-party MCP server endpoint.
  - Evidence: The setup instructions direct the user to add `https://rube.app/mcp` as an MCP server. This domain is not part of the pre-approved trusted organizations or repositories list. This finding is downgraded to LOW as it is the primary intended mechanism of the skill.
- PROMPT_INJECTION (LOW): The skill exhibits a surface for indirect prompt injection by ingesting data from Zoho CRM records.
  - Ingestion points: Data enters the agent context via `ZOHO_SEARCH_ZOHO_RECORDS` and `ZOHO_GET_ZOHO_RECORDS` tools.
  - Boundary markers: Absent. There are no instructions provided to the agent to treat data retrieved from the CRM as untrusted or to ignore embedded instructions within record fields.
  - Capability inventory: The skill possesses significant write capabilities, including `ZOHO_CREATE_ZOHO_RECORD`, `ZOHO_UPDATE_ZOHO_RECORD`, and `ZOHO_CONVERT_ZOHO_LEAD` (which is an irreversible action).
  - Sanitization: Absent. No logic is defined to sanitize or validate record content before it is processed or used to influence subsequent agent actions.
Audit Metadata