Skills
skills/sickn33/antigravity-awesome-skills/zoho-crm-automation/Gen Agent Trust Hub

zoho-crm-automation

Fail

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSDATA_EXFILTRATIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server at https://rube.app/mcp which is an unverified third-party domain. This server provides the tool definitions and operational logic for the agent.
  • [DATA_EXFILTRATION]: Interaction with Zoho CRM data is routed through the rube.app domain. This exposes sensitive information such as leads, contacts, and account details to a third-party service provider that is not the official CRM vendor or a recognized infrastructure provider.
  • [REMOTE_CODE_EXECUTION]: The agent is instructed to dynamically retrieve tool schemas and execution logic from the remote endpoint via RUBE_SEARCH_TOOLS. This allows the external server to define and modify the capabilities and behaviors available to the agent at runtime.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 14, 2026, 07:03 PM