Zoho People

Security checks across malware telemetry and agentic risk

Overview

This Zoho People skill is purpose-aligned, but it deserves Review because it can read and change sensitive HR records through broad action execution and raw API proxy requests without explicit guardrails.

Install only if you trust Membrane and intend to let an agent work with Zoho People. Use a least-privileged Zoho account, review the scopes granted to the connection, require explicit approval before any employee create/update/delete, leave, or time-log action, avoid broad employee exports, and revoke the Membrane connection when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 93%

Finding
The skill advertises record-changing actions like updating employees, creating employees, applying leave, and adding time logs without any warning that these operations modify sensitive HR records. In an HR context, silent execution of write actions can alter payroll-adjacent, attendance, or employee profile data and cause privacy, compliance, and business integrity issues.

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding
The proxy request section encourages direct API use through authenticated Membrane connections but omits warnings that arbitrary requests may read, send, or modify highly sensitive employee and attendance data. Because the proxy can bypass safer prebuilt action boundaries, it increases the risk of unintended writes, overbroad data access, and exfiltration of HR information.
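One way to put the recommended guardrails (explicit approval before create/update/delete, leave and time-log actions; no broad employee exports; no unreviewed raw proxy writes) in front of an agent is a small policy gate that classifies every tool call before it reaches the connector. The code below is an added example, not code from this page, from Membrane, or from Zoho. The action names, the `/people/api/` path prefix, the path fragments used to spot mutating endpoints, and the 50-row export threshold are assumptions chosen to mirror the page's description; map them onto the connector's real action catalogue before relying on it.

```python
"""Approval gate for an agent driving Zoho People through a connector.

Added example (not the page's, Membrane's or Zoho's code). Action names,
path fragments and thresholds below are assumptions for illustration.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable


class Decision(Enum):
    ALLOW = "allow"
    NEEDS_APPROVAL = "needs_approval"
    DENY = "deny"


# Assumed names of the connector's prebuilt read-only actions.
READ_ACTIONS = {"get_employee", "search_employees", "get_leave_balance", "list_time_logs"}
# Read actions that can return many records and therefore count as exports.
LIST_ACTIONS = {"search_employees", "list_time_logs"}
# Assumed names of the record-changing actions the findings warn about.
WRITE_ACTIONS = {"create_employee", "update_employee", "delete_employee",
                 "apply_leave", "add_time_log"}
# Assumed prefix every legitimate Zoho People proxy request starts with.
PROXY_PREFIX = "/people/api/"
# Path fragments that indicate a mutating endpoint even when sent as GET; the
# HTTP method alone is not a reliable read/write signal. Deliberately broad:
# a false positive only costs an approval prompt.
WRITE_PATH = re.compile(r"/(insert|update|delete|apply|add|cancel)", re.I)
# Assumed fragments of endpoints that list or export records.
LIST_PATH = re.compile(r"/(getRecords|search|export)", re.I)
# Above this many rows a read is treated as a bulk export needing approval.
MAX_ROWS_WITHOUT_APPROVAL = 50


@dataclass
class Request:
    kind: str                       # "action" (prebuilt) or "proxy" (raw API)
    name: str = ""                  # action name when kind == "action"
    method: str = "GET"             # HTTP method when kind == "proxy"
    path: str = ""                  # API path when kind == "proxy"
    params: dict = field(default_factory=dict)
    approved: bool = False          # a human explicitly approved this call


def _is_bulk(params: dict) -> bool:
    """A listing call with no limit, or a large one, is treated as an export."""
    limit = params.get("limit")
    return limit is None or int(limit) > MAX_ROWS_WITHOUT_APPROVAL


def _escalate(req: Request) -> Decision:
    return Decision.ALLOW if req.approved else Decision.NEEDS_APPROVAL


def classify(req: Request) -> Decision:
    """Decide whether a request may run, needs approval, or is refused outright."""
    if req.kind == "action":
        if req.name in WRITE_ACTIONS:
            return _escalate(req)
        if req.name in READ_ACTIONS:
            if req.name in LIST_ACTIONS and _is_bulk(req.params):
                return _escalate(req)
            return Decision.ALLOW
        return Decision.DENY                     # unknown action: fail closed
    if req.kind == "proxy":
        if not req.path.startswith(PROXY_PREFIX):
            return Decision.DENY                 # keep the proxy on Zoho People only
        mutating = req.method.upper() not in {"GET", "HEAD"} or bool(WRITE_PATH.search(req.path))
        if mutating or (LIST_PATH.search(req.path) and _is_bulk(req.params)):
            return _escalate(req)
        return Decision.ALLOW
    return Decision.DENY


def gate(req: Request, execute: Callable[[Request], object],
         ask_human: Callable[[Request], bool]) -> tuple[Decision, object]:
    """Run `execute` only when policy allows; route NEEDS_APPROVAL through `ask_human`."""
    decision = classify(req)
    if decision is Decision.NEEDS_APPROVAL and ask_human(req):
        req.approved = True
        decision = Decision.ALLOW
    if decision is Decision.ALLOW:
        return decision, execute(req)
    return decision, None
```

The gate fails closed: an action name it does not recognise, or a proxy path outside the Zoho People prefix, is denied rather than escalated, so a prompt-injected request for a different Zoho product or an arbitrary host never reaches the connector. Because the raw proxy bypasses the prebuilt action boundaries, it is judged on method and path rather than trusted by name, and a GET to a path that looks like a write still requires approval.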

VirusTotal

0/65 vendors flagged this skill; all 65 reported it as clean. Note that a clean antivirus verdict covers only known-malicious content in the skill's files and says nothing about the excessive-agency risks raised in the findings above.
