Back to skill

Security audit

Zoho Books

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Zoho Books connector that can read and modify accounting records through Maton's OAuth proxy, with no evidence of hidden or malicious behavior.

Install only if you trust Maton with access to your Zoho Books data. Keep MATON_API_KEY secret, use Maton-Connection when multiple accounts exist, revoke unused connections, and approve only specific write or delete actions after checking the account, resource ID, and business effect.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.