Back to skill

Security audit

Zoho Inventory

Security checks across malware telemetry and agentic risk

Overview

This appears to be a disclosed Zoho Inventory integration that uses Maton for authenticated API access and tells the agent to ask before making changes.

Install only if you trust Maton to mediate access to your Zoho Inventory account. Use a least-privileged Zoho connection where possible, keep the MATON_API_KEY private, and review any proposed create, update, or delete operation before approving it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.