odoo
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill facilitates access to highly sensitive business data stored within Odoo ERP, including accounting records, customer information, and employee details. While this is the intended purpose, it represents a significant data exposure surface if the agent is misused or compromised.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the Odoo instance that the agent then processes.
- Ingestion points: Data retrieved from ERP records (e.g., descriptions, chatter messages, notes) using
searchRead,read, or CLI commands in files likebase/crud.mdandmail/chatter.md. - Boundary markers: No explicit delimiters or instructions to treat ERP data as untrusted content are provided in the documentation.
- Capability inventory: The skill possesses extensive capabilities to write data back to Odoo, modify system modules, and execute powerful CLI commands as described in
base/modules.mdandcli/records.md. - Sanitization: There is no mention of sanitizing or validating retrieved record data before the agent incorporates it into its context.
Audit Metadata