zoom-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it handles external data that could contain malicious instructions.
- Ingestion points: The skill retrieves data from participant lists (ZOOM_GET_PAST_MEETING_PARTICIPANTS) and AI-generated meeting summaries (ZOOM_GET_A_MEETING_SUMMARY).
- Boundary markers: There are no explicit delimiters defined to separate retrieved data from the agent's internal instructions.
- Capability inventory: The agent has high-impact capabilities including the ability to delete cloud recordings and add new meeting registrants.
- Sanitization: The instructions do not specify any validation or sanitization for the content retrieved from external Zoom endpoints.
- [EXTERNAL_DOWNLOADS]: The skill requires the configuration of a remote MCP server at https://rube.app/mcp which provides the underlying Zoom toolkit functionality.
Audit Metadata