ClawHub

Zoom Manager

Security checks across malware telemetry and agentic risk

Overview

This Zoom skill matches its meeting-management purpose, but it deserves review because it can use broad Zoom admin authority to create auto-recorded meetings and delete or update meetings without built-in safeguards.

Install only with a dedicated, least-privilege Zoom Server-to-Server OAuth app. Avoid granting recording-read access unless you actually need it, confirm legal and organizational consent rules before using automatic cloud recording, and require human confirmation before update or delete commands are run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill advertises automatic cloud recording as a default behavior without any notice about consent, legal restrictions, retention, or privacy implications. In many jurisdictions and organizations, recording meetings without clear participant notice or approval can create legal, compliance, and confidentiality risks, and the headless nature of the skill makes silent recording more dangerous in context.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documented delete command performs an irreversible destructive operation against Zoom meetings but is presented without any caution, confirmation guidance, or scope limitation. Because the skill uses admin-level OAuth scopes, an operator could unintentionally delete important meetings at scale, causing disruption and potential data loss of scheduling metadata or linked workflows.

Missing User Warnings

Medium
Confidence
78% confidence
Finding
The script loads highly sensitive OAuth credentials from a local config.json file without any safeguards, disclosure, or indication of secure storage expectations. In agent-skill contexts, this increases the chance that secrets are stored insecurely, committed to source control, or exposed to other local users/processes.

Missing User Warnings

High
Confidence
92% confidence
Finding
This script performs an irreversible destructive action immediately based on a single command-line argument, with no confirmation prompt, dry-run mode, ownership validation, or guardrails. In a meeting-management skill, accidental invocation or misuse could delete legitimate Zoom meetings and disrupt operations.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The script loads persistent OAuth credentials from a local config and uses them to access Zoom data without any user-facing disclosure, consent prompt, or runtime warning. In an agent skill context, this can enable silent access to meeting metadata using preconfigured account privileges, which is risky because users may not realize the skill is operating with stored organization credentials.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The delete command performs an irreversible destructive action immediately from a single CLI argument with no confirmation prompt, dry-run, or force flag. In an agent or automation context, this increases the risk of accidental or unintended meeting deletion from prompt mistakes, argument confusion, or misuse by a higher-level tool.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal