zoom-apps-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the official Zoom Apps SDK from the vendor's CDN (appssdk.zoom.us).
- [EXTERNAL_DOWNLOADS]: References the official @zoom/appssdk package from the public NPM registry.
- [COMMAND_EXECUTION]: Provides backend server boilerplate using Express to manage OAuth flows and interaction with Zoom REST APIs.
- [CREDENTIALS_UNSAFE]: Uses placeholders for sensitive credentials (Client ID/Secret) and provides guidance on secure secret management using environment variables and .gitignore.
- [SAFE]: Implements industry-standard security headers (OWASP) and cryptographic practices like PKCE and state validation for OAuth protection.
Audit Metadata