zoho_books-automation

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires adding and calling the Rube MCP endpoint (https://rube.app/mcp) at runtime — RUBE_SEARCH_TOOLS returns recommended execution plans/schemas that drive agent behavior and RUBE_MULTI_EXECUTE_TOOL triggers remote tool execution — so external content from that URL can directly control prompts and execute code.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for Zoho Books accounting operations and lists invoices, expenses, contacts, payments, and accounting as primary capabilities. It requires an active Zoho Books connection and provides a concrete execution mechanism (RUBE_MULTI_EXECUTE_TOOL) to run discovered Zoho Books tool slugs with schema-compliant arguments — which can include creating/managing payments and financial records. This is a purpose-built financial automation toolkit (not a generic browser or HTTP tool), so it grants direct financial execution capability.