ClawHub
Back to skill

Security audit

Zoho Crm Connector

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Zoho CRM connector that discloses CRM read, create, update, and delete actions, but users should keep delete access disabled unless they truly need it.

Install only if you intend to let an agent access Zoho CRM through AgentPMT. Start with read-only permissions, grant add/edit/delete only for specific workflows, and require explicit human confirmation before deleting CRM records or enabling workflow-triggered deletions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The schema exposes write-capable actions including create, update, and delete, while the surrounding description emphasizes search and retrieval use cases. This capability mismatch can mislead users and downstream agents into granting or invoking broader permissions than intended, increasing the chance of unauthorized or accidental data modification.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The skill includes a record deletion action even though the stated business uses focus on retrieval, reporting, enrichment, and record creation. In an agentic context, this unjustified destructive capability materially increases risk because a prompt mistake, confused deputy scenario, or malicious instruction could cause permanent CRM data loss.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The delete action is documented functionally but lacks a clear warning that it is destructive and may be irreversible. Without an explicit caution, agents or users may treat deletion like a routine operation, increasing the likelihood of accidental execution and loss of critical CRM records.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal