cli-anything-zoom
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the cli-anything-zoom Python package from the public registry.
- [COMMAND_EXECUTION]: Executes the cli-anything-zoom CLI tool to manage Zoom meetings, participants, and recordings.
- [DATA_EXFILTRATION]: Communicates with the Zoom REST API to perform account management and download recording files.
- [PROMPT_INJECTION]: The skill processes untrusted external data which presents a surface for indirect instructions.
- Ingestion points: Reads data from CSV files for batch registration and JSON files for project configuration as documented in SKILL.md.
- Boundary markers: Boundary markers and instructions to ignore embedded commands are absent in the skill documentation.
- Capability inventory: The tool has permissions to interact with the Zoom API, write files to the local system, and manage sensitive meeting information as documented in SKILL.md.
- Sanitization: There is no mention of sanitization or validation logic for the ingested file contents.
Audit Metadata