Percept Meetings
PendingStatic analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A Zoom Server-to-Server OAuth app could let the integration read many users' cloud recordings and account user data, not just one meeting transcript.
These are admin-level Zoom scopes that can expose recordings and user lists beyond a single user's selected meetings. The registry metadata also declares no primary credential or required env vars, so this privileged access is under-declared.
Add scopes: - `recording:read:list_recording_files:admin` - `recording:read:list_user_recordings:admin` - `user:read:list_users:admin`
Use the least-privileged Zoom app possible, restrict it to the intended account or users, and install only if you are comfortable granting account-level recording access.
Private conversations may become searchable agent context and could be reused in later tasks if the database is not carefully scoped and managed.
The Omi workflow can capture broad ambient conversations and persist them into a searchable database. The artifacts do not describe retention limits, exclusions, encryption, participant consent handling, or when stored context should be reused.
No calendar integration needed — it captures everything ambient ... Stored in Percept DB, searchable immediately
Configure capture narrowly, get appropriate consent, protect the database, and define retention or deletion practices before using ambient meeting capture.
The agent could turn transcript-derived action items into real-world account changes or communications without enough review.
The instruction encourages the agent to take external follow-up actions based on meeting transcripts, but it does not specify a confirmation step before sending messages, creating tasks, or scheduling events.
Use other OpenClaw tools to execute (send emails, create tasks, schedule follow-ups)
Require explicit user approval before sending emails, creating tasks, scheduling meetings, or making other external changes based on meeting data.
Installing the external package will run and trust code outside this skill bundle.
The main functionality depends on installing external code that is not included in the reviewed artifacts and is not pinned to a specific version. This is expected for this integration but should be verified by the user.
pip install getpercept # or: git clone https://github.com/GetPercept/percept
Review the package and repository, pin a trusted version, and install in a controlled environment if possible.