Zoho Books

Warn

Audited by ClawScan on May 10, 2026.

Overview

This appears to be a real Zoho Books integration, but it gives the agent broad authenticated ability to change or delete accounting data through Membrane, so users should review it carefully.

Install only if you trust Membrane with Zoho Books access. Before allowing the agent to create, update, delete, pay, approve, or proxy any accounting operation, require a clear summary and explicit confirmation, and use the least-privileged Zoho organization/account available.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill could modify or delete invoices, bills, payments, expenses, or other accounting records if a task instructs it to, or if it infers such an operation from a task.

Why it was flagged

The skill exposes a broad authenticated API escape hatch, including destructive methods, without artifact-backed limits, approval requirements, or endpoint scoping.

Skill content

send requests directly to the Zoho Books API through Membrane's proxy ... HTTP method (GET, POST, PUT, PATCH, DELETE)

Recommendation

Require explicit user confirmation for any POST, PUT, PATCH, or DELETE request, prefer narrowly discovered actions over raw proxy calls, and use least-privileged Zoho/Membrane access.

What this means

Connecting the skill can give the agent access to sensitive Zoho Books financial data and workflows under the authenticated account.

Why it was flagged

The skill relies on delegated Zoho/Membrane authentication and ongoing credential refresh, which is expected for this integration but grants sensitive account authority.

Skill content

Membrane handles authentication and credentials refresh automatically

Recommendation

Connect only the intended Zoho Books organization, use least-privileged credentials where possible, and revoke the Membrane/Zoho connection when no longer needed.

What this means

Users are trusting the current npm version of the Membrane CLI on their machine.

Why it was flagged

The setup uses a global install of the latest CLI package from npm. This is central to the stated purpose, but it is unpinned and depends on external package provenance.

Skill content

npm install -g @membranehq/cli@latest

Recommendation

Install from the official source, consider pinning a reviewed version, and keep the CLI updated through a trusted process.

What this means

Financial records and API operations may pass through Membrane as part of normal use.

Why it was flagged

Zoho Books API requests and authentication handling are routed through Membrane's proxy. This is disclosed and purpose-aligned, but it is a third-party gateway for sensitive accounting data.

Skill content

send requests directly to the Zoho Books API through Membrane's proxy ... injects the correct authentication headers

Recommendation

Review Membrane's trust, privacy, and data-processing terms before connecting sensitive accounting data.