Zoho Projects
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: zoho-projects Version: 1.0.1 The skill provides a legitimate integration for Zoho Projects using the Maton API proxy (api.maton.ai). It includes well-documented Python and JavaScript examples for managing tasks, projects, and milestones, and explicitly instructs the agent to seek user approval for write operations. No evidence of malicious intent, data exfiltration, or unauthorized execution was found in SKILL.md or _meta.json.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed and configured, the agent can access Zoho Projects data for the connected account and use the account authority exposed through Maton.
The skill requires a Maton API key to act through a managed OAuth connection, which grants delegated access to the user's connected Zoho Projects account.
All requests require the Maton API key in the Authorization header: Authorization: Bearer $MATON_API_KEY
Use a Maton key and Zoho connection only for the intended account, avoid sharing the key or connection URL, and revoke the connection if you stop using the skill.
Approved write actions could create, modify, or delete project-management records in Zoho Projects.
The skill supports mutating Zoho Projects resources, but it explicitly requires approval before create, update, or delete operations.
All write operations require explicit user approval. Before executing any create, update, or delete call, confirm the target resource and intended effect with the user.
Before approving any write or delete action, verify the target portal, project, task, or connection and the exact intended change.
Zoho Projects data may pass through Maton's proxy as part of normal operation.
Requests and responses for Zoho Projects flow through Maton's API gateway, so project data and delegated authorization depend on that third-party service.
Maton proxies requests to `projectsapi.zoho.com` and automatically injects your OAuth token.
Install only if you trust Maton to handle the connected Zoho Projects data and OAuth flow, and review Maton's account and connection settings.