zoom-websockets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill opens a persistent WebSocket to Zoom (wss://ws.zoom.us/ws) and its SKILL.md and references/events.md show the agent parsing user-generated event payloads (meeting topics, participant names, recording URLs) and using them to drive handlers/actions (e.g., downloadRecordings, notifyCalendarService), which clearly ingests untrusted third‑party content that can influence behavior.