zoho
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from Zoho CRM and Zoho Desk, which creates a surface for indirect prompt injection.
  - Ingestion points: External data enters the context through API calls (Leads, Contacts, Deals, Tickets) in SKILL.md using the zoho() helper.
  - Boundary markers: None provided; the skill does not use delimiters or instructions to ignore embedded commands in the fetched data.
  - Capability inventory: The skill is capable of performing network requests via fetch/curl and generating Deluge scripts for Zoho automation.
  - Sanitization: There is no evidence of data sanitization or validation before external content is used in prompts or script generation.
- [COMMAND_EXECUTION]: Provides curl commands for the initial OAuth2 setup and describes the generation of Deluge scripts for automated workflows.
- [EXTERNAL_DOWNLOADS]: Interacts with official Zoho API endpoints for authentication and data management, which are well-known service domains.
Audit Metadata