Fathom

Review

Audited by ClawScan on May 1, 2026.

Overview

This is a coherent Fathom integration that clearly needs a Maton API key/OAuth access and can handle sensitive meeting content and user-approved webhooks.

This skill appears safe to install if you intend to use Maton to access Fathom. Make sure the MATON_API_KEY is kept private, connect only the intended Fathom account, and carefully approve any operation that creates, updates, deletes, or configures webhooks.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone using this skill should understand that the configured key can access Fathom meeting resources through Maton.

Why it was flagged

The skill requires a Maton API key that authorizes access to a connected Fathom account.

Skill content

All requests require the Maton API key in the Authorization header: `Authorization: Bearer $MATON_API_KEY`

Recommendation

Use a dedicated Maton key, connect only the intended Fathom account, and rotate or revoke the key if it is no longer needed.

What this means

Meeting metadata, transcripts, summaries, and related requests may pass through Maton as part of normal operation.

Why it was flagged

Fathom API access is mediated by the Maton service, so meeting data and requests flow through an external gateway.

Skill content

Maton proxies requests to `api.fathom.ai` and automatically injects your OAuth token.

Recommendation

Only install this if you trust Maton as the OAuth/API gateway, and use the documented connection selection when multiple Fathom accounts are connected.

What this means

Create, update, or delete actions could change OAuth connections or webhook settings if approved.

Why it was flagged

The skill includes account-mutating API operations, but it explicitly requires confirmation before writes.

Skill content

**All write operations require explicit user approval.** Before executing any create, update, or delete call, confirm the target resource and intended effect with the user.

Recommendation

Before approving any write operation, verify the target account, resource, and expected effect.