Skills
skills/qmop1967/clients-console/zoho-api/Gen Agent Trust Hub

zoho-api

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • CREDENTIALS_UNSAFE (HIGH): The skill contains a hardcoded secret token in multiple example curl commands.
  • Evidence: secret=tsh-revalidate-2024 is included in the revalidation URLs provided for cache management.
  • Impact: An attacker could use this secret to trigger unauthorized cache revalidations on the tsh.sale production environment, potentially leading to denial-of-service or data consistency issues.
  • PROMPT_INJECTION (LOW): The skill exposes a surface for Indirect Prompt Injection (Category 8) by ingesting data from external Zoho API endpoints.
  • Ingestion points: Data is ingested via zohoFetch from Zoho Inventory (/inventory/v1/items) and Zoho Books (/contacts, /salesorders, etc.) endpoints.
  • Boundary markers: None identified. The documentation does not specify the use of delimiters or instructions to ignore embedded content when processing API responses.
  • Capability inventory: The skill facilitates data fetching, caching via Upstash Redis/Next.js unstable_cache, and serving data through API routes (NextResponse.json). It does not appear to have direct shell execution or file-write capabilities on the host.
  • Sanitization: There is no evidence of sanitization or filtering for natural language instructions that might be embedded in product descriptions, customer names, or order notes retrieved from Zoho.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 04:28 AM