Security audit
Zoho Inventory
Security checks across malware telemetry and agentic risk
Overview
This appears to be a disclosed Zoho Inventory integration that uses Maton for authenticated API access and tells the agent to ask before making changes.
Install only if you trust Maton to mediate access to your Zoho Inventory account. Use a least-privileged Zoho connection where possible, keep the MATON_API_KEY private, and review any proposed create, update, or delete operation before approving it.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
