skills/tuanle96/odoo-ai-skills/odoo/Gen Agent Trust Hub

odoo

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill relies on an indirect prompt injection surface by instructing the agent to ingest runtime data from an Odoo instance to inform its code generation and modification tasks.
  • Ingestion points: External data enters the agent's context through tools like odoo-ai all <model> and odoo-ai surface, which retrieve JSON briefs containing field definitions, MRO, and view architectures (SKILL.md).
  • Boundary markers: The instructions lack explicit boundary markers or warnings directing the agent to ignore instructions that might be embedded within the retrieved introspection data.
  • Capability inventory: The suite provides the agent with the ability to write and modify Python code (odoo-dev), XML views (odoo-views), and JavaScript components (odoo-owl).
  • Sanitization: There is no mention of sanitizing or validating the retrieved Odoo metadata before it is processed by the AI to generate code.
  • [COMMAND_EXECUTION]: The skill explicitly directs the agent to execute various commands using the odoo-ai CLI tool for discovery and introspection.
  • Evidence: The instructions include commands such as odoo-ai native-check, odoo-ai capabilities, odoo-ai all, odoo-ai surface, and odoo-ai esg.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 05:59 PM
Security Audit — agent-trust-hub — odoo