Zoho Books Automation

SUSPICIOUS. The skill’s capabilities broadly match its Zoho Books automation purpose and the external service appears to be same-org Composio infrastructure, so this is not strong evidence of malware. However, it routes accounting data and OAuth through an intermediary MCP service and enables autonomous real-world financial actions, including invoice sending and destructive operations, which raises meaningful security and operational risk.