Skills
skills/ranbot-ai/awesome-skills/Zoho Books Automation/Gen Agent Trust Hub

Zoho Books Automation

Warn

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires integration with a third-party Model Context Protocol (MCP) server at https://rube.app/mcp to provide the tool implementations.
  • [DATA_EXFILTRATION]: Sensitive financial information, including customer data, invoice details, and billing records, is accessed and processed through external services provided by rube.app and composio.dev.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to how it handles external data.
  • Ingestion points: Data is fetched from Zoho Books records (invoices, bills, contacts) via tools such as ZOHO_BOOKS_GET_INVOICE and ZOHO_BOOKS_LIST_CONTACTS.
  • Boundary markers: None identified. The instructions do not specify delimiters to separate untrusted data from agent instructions.
  • Capability inventory: The agent possesses high-impact capabilities, including the ability to delete invoices (ZOHO_BOOKS_DELETE_INVOICE) and update billing records (ZOHO_BOOKS_UPDATE_BILL).
  • Sanitization: No evidence of sanitization or validation of data retrieved from Zoho Books before it is processed by the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 1, 2026, 10:38 PM