zoho-crm-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires the use of an unverified external MCP server endpoint (
https://rube.app/mcp). This domain is not included in the Trusted External Sources list, posing a supply chain risk as sensitive CRM data is processed through this third-party service. - [PROMPT_INJECTION] (LOW): Vulnerable to Indirect Prompt Injection (Category 8). The skill ingests untrusted data from Zoho CRM records which could contain malicious instructions.
- Ingestion points:
ZOHO_SEARCH_ZOHO_RECORDS,ZOHO_GET_ZOHO_RECORDS(SKILL.md) - Boundary markers: Absent. Instructions do not mandate delimiters for record data.
- Capability inventory: The skill has significant write capabilities including
ZOHO_CREATE_ZOHO_RECORD,ZOHO_UPDATE_ZOHO_RECORD, andZOHO_CONVERT_ZOHO_LEAD(SKILL.md). - Sanitization: Absent. No filtering or validation of CRM field content is described.
Audit Metadata