Skills
skills/membranedev/application-skills/zoho-creator/Gen Agent Trust Hub

zoho-creator

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI tool to perform operations such as authentication, connection management, and action execution. This is a standard architectural pattern for this vendor's ecosystem.
  • [EXTERNAL_DOWNLOADS]: The skill guides the user to install the @membranehq/cli package from the public npm registry. This is a legitimate dependency provided by the skill's author to enable the integration's functionality.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data from Zoho Creator (records, reports, and fields) through the membrane action run command. This represents a potential surface for indirect prompt injection if retrieved data contains malicious instructions. However, the skill adheres to the vendor's standard data handling patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 06:48 PM