Security audit
Zoho Books
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed Zoho Books connector that can read and modify accounting records through Maton's OAuth proxy, with no evidence of hidden or malicious behavior.
Install only if you trust Maton with access to your Zoho Books data. Keep MATON_API_KEY secret, use Maton-Connection when multiple accounts exist, revoke unused connections, and approve only specific write or delete actions after checking the account, resource ID, and business effect.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
