zoho-people

Integrates with Zoho People API for managing HR data, including employees, departments, and attendance through OAuth authentication.

Install this skill

60/100

Security score

The zoho-people skill was audited on Feb 12, 2026 and we found 36 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 527

Template literal with variable interpolation in command context

SourceSKILL.md

527	'Authorization': `Bearer ${process.env.MATON_API_KEY}`

low line 523

Fetch to external URL

SourceSKILL.md

523	const response = await fetch(

low line 527

Access to .env file

SourceSKILL.md

527	'Authorization': `Bearer ${process.env.MATON_API_KEY}`

low line 6

External URL reference

SourceSKILL.md

6	For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway).

low line 28

External URL reference

SourceSKILL.md

28	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/people/api/forms/employee/getRecords?sIndex=1&limit=10')

low line 37

External URL reference

SourceSKILL.md

37	https://gateway.maton.ai/zoho-people/{native-api-path}

low line 58

External URL reference

SourceSKILL.md

58	1. Sign in or create an account at [maton.ai](https://maton.ai)

low line 59

External URL reference

SourceSKILL.md

59	2. Go to [maton.ai/settings](https://maton.ai/settings)

low line 64

External URL reference

SourceSKILL.md

64	Manage your Zoho People OAuth connections at `https://ctrl.maton.ai`.

low line 71

External URL reference

SourceSKILL.md

71	req = urllib.request.Request('https://ctrl.maton.ai/connections?app=zoho-people&status=ACTIVE')

low line 83

External URL reference

SourceSKILL.md

83	req = urllib.request.Request('https://ctrl.maton.ai/connections', data=data, method='POST')

low line 95

External URL reference

SourceSKILL.md

95	req = urllib.request.Request('https://ctrl.maton.ai/connections/{connection_id}')

low line 109

External URL reference

SourceSKILL.md

109	"url": "https://connect.maton.ai/?session_token=...",

low line 123

External URL reference

SourceSKILL.md

123	req = urllib.request.Request('https://ctrl.maton.ai/connections/{connection_id}', method='DELETE')

low line 136

External URL reference

SourceSKILL.md

136	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/people/api/forms')

low line 162

External URL reference

SourceSKILL.md

162	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/people/api/forms')

low line 219

External URL reference

SourceSKILL.md

219	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/people/api/forms/employee/getRecords?sIndex=1&limit=10')

low line 264

External URL reference

SourceSKILL.md

264	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/api/forms/P_EmployeeView/records?rec_limit=10')

low line 281

External URL reference

SourceSKILL.md

281	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/people/api/forms/employee/getRecords?SearchColumn=EMPLOYEEID&SearchValue=S20')

low line 306

External URL reference

SourceSKILL.md

306	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/people/api/forms/department/getRecords?sIndex=1&limit=50')

low line 347

External URL reference

SourceSKILL.md

347	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/people/api/forms/designation/getRecords?sIndex=1&limit=50')

low line 395

External URL reference

SourceSKILL.md

395	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/people/api/forms/json/department/insertRecord', data=data, method='POST')

low line 440

External URL reference

SourceSKILL.md

440	req = urllib.request.Request('https://gateway.maton.ai/zoho-people/people/api/forms/json/employee/updateRecord', data=data, method='POST')

low line 524

External URL reference

SourceSKILL.md

524	'https://gateway.maton.ai/zoho-people/people/api/forms/employee/getRecords?sIndex=1&limit=10',

low line 541

External URL reference

SourceSKILL.md

541	'https://gateway.maton.ai/zoho-people/people/api/forms/employee/getRecords',

low line 593

External URL reference

SourceSKILL.md

593	req = urllib.request.Request('https://ctrl.maton.ai/connections')

low line 603

External URL reference

SourceSKILL.md

603	- Correct: `https://gateway.maton.ai/zoho-people/people/api/forms`

low line 604

External URL reference

SourceSKILL.md

604	- Incorrect: `https://gateway.maton.ai/people/api/forms`

low line 608

External URL reference

SourceSKILL.md

608	- [Zoho People API Overview](https://www.zoho.com/people/api/overview.html)

low line 609

External URL reference

SourceSKILL.md

609	- [Get Bulk Records API](https://www.zoho.com/people/api/bulk-records.html)

low line 610

External URL reference

SourceSKILL.md

610	- [Fetch Forms API](https://www.zoho.com/people/api/forms-api/fetch-forms.html)

low line 611

External URL reference

SourceSKILL.md

611	- [Insert Record API](https://www.zoho.com/people/api/insert-records.html)

low line 612

External URL reference

SourceSKILL.md

612	- [Update Record API](https://www.zoho.com/people/api/update-records.html)

low line 613

External URL reference

SourceSKILL.md

613	- [Attendance API](https://www.zoho.com/people/api/attendance-entries.html)

low line 614

External URL reference

SourceSKILL.md

614	- [Leave API](https://www.zoho.com/people/api/add-leave.html)

low line 615

External URL reference

SourceSKILL.md

615	- [Maton Community](https://discord.com/invite/dBfFAcefs2)

Scanned on Feb 12, 2026

View Security Dashboard

Install this skill with one command

/learn @openclaw/zoho-people

GitHub Stars 2.2K

Rate this skill

Categoryhr

UpdatedMarch 29, 2026

openclaw api hr-generalist people-operations customer-success-manager hr sales

openclaw/skills