zoom-meeting-sdk
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill integrates with real-time meeting data, presenting a surface for indirect prompt injection attacks.
  - Ingestion points: In-meeting chat content (windows/examples/chat.md), meeting transcriptions (windows/examples/captions-transcription.md), and participant identifiers are processed at runtime.
  - Boundary markers: Boundary markers or specific instructions to disregard embedded commands in external data are not present in the code examples.
  - Capability inventory: The skill facilitates file writing for recordings and utilizes shell commands for media post-processing (linux/concepts/high-level-scenarios.md).
  - Sanitization: No sanitization or escaping of meeting-generated text data is implemented in the provided logic patterns.
- [COMMAND_EXECUTION]: The Linux bot implementation guide suggests using system calls to execute external media tools.
  - Evidence: linux/concepts/high-level-scenarios.md provides an example using system("ffmpeg ...") to combine raw audio and video files. While arguments are largely static or derived from internal file naming, this pattern introduces a shell execution capability within the meeting bot environment.
Audit Metadata