skills/marcfargas/odoo-toolbox/odoo/Gen Agent Trust Hub

odoo

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill facilitates access to highly sensitive business data stored within Odoo ERP, including accounting records, customer information, and employee details. While this is the intended purpose, it represents a significant data exposure surface if the agent is misused or compromised.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the Odoo instance that the agent then processes.
  • Ingestion points: Data retrieved from ERP records (e.g., descriptions, chatter messages, notes) using searchRead, read, or CLI commands in files like base/crud.md and mail/chatter.md.
  • Boundary markers: No explicit delimiters or instructions to treat ERP data as untrusted content are provided in the documentation.
  • Capability inventory: The skill possesses extensive capabilities to write data back to Odoo, modify system modules, and execute powerful CLI commands as described in base/modules.md and cli/records.md.
  • Sanitization: There is no mention of sanitizing or validating retrieved record data before the agent incorporates it into its context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 07:22 AM
Security Audit — agent-trust-hub — odoo