setup-zoom-websockets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill opens a Zoom WebSocket (wss://ws.zoom.us/ws) and ingests realtime Zoom event payloads (e.g., meeting.topic, participant names, recording URLs) as shown in SKILL.md and references/events.md, and those user-generated fields are parsed and used to drive actions like downloadRecordings, sendWelcomeEmail, and updateMeetingStatus—creating a direct path for untrusted content to influence agent behavior.