odoo
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests data from an Odoo ERP instance through various read operations.
- Ingestion points: Record searches, field reads, and message retrieval from modules such as chatter and discuss (e.g., mail/chatter.md, mail/discuss.md, cli/records.md).
- Boundary markers: There are no explicit instructions or delimiters provided to signal the agent to ignore instructions embedded within the Odoo data.
- Capability inventory: The skill possesses significant capabilities including the ability to create, modify, or delete any record, and to call arbitrary methods on Odoo models (e.g., base/crud.md, cli/records.md).
- Sanitization: The documentation does not specify sanitization procedures for data retrieved from Odoo before it is processed by the AI agent.
Audit Metadata