zoom
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [Data Exposure & Exfiltration] (HIGH): The skill explicitly instructs users to store sensitive authentication data (Account ID, Client ID, Client Secret) in plain-text JSON files at
~/.zoom_credentials/credentials.jsonand~/.zoom_credentials/oauth_token.json. These files are accessed by the skill scripts to perform API operations. Per the safety guidelines, access to sensitive file paths containing credentials is a high-severity concern, though mitigated here as it is the primary intended purpose of the skill. - [Dynamic Execution] (MEDIUM): The setup documentation includes a
python -cexecution string that uses__import__to dynamically load libraries and writes JSON tokens to the filesystem. While intended for user setup, this pattern of dynamic execution and file writing is a security risk if modified or misused. - [Indirect Prompt Injection] (LOW): The skill ingests and processes untrusted data from the Zoom API, specifically meeting transcripts and AI-generated summaries.
- Ingestion points: Zoom API cloud recording endpoints referenced in
scripts/zoom_meetings.py. - Boundary markers: None identified in instructions or metadata to separate meeting content from agent instructions.
- Capability inventory: The skill has broad capabilities to create, update, and delete meetings via the Zoom API using
requests. - Sanitization: No sanitization or validation of transcript content is mentioned.
Audit Metadata