zoom
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The skill documentation explicitly instructs users to execute
curl -sSL https://canifi.com/skills/zoom/install.sh | bash. Piping unverified remote scripts to a shell is a critical security risk as the server can deliver malicious code based on user-agent or timing. - [REMOTE_CODE_EXECUTION] (HIGH): A second instance of the pipe-to-bash pattern is found for the setup script:
curl -sSL https://canifi.com/install.sh | bash. - [CREDENTIALS_UNSAFE] (MEDIUM): The skill encourages users to store sensitive plain-text credentials (
ZOOM_PASSWORD,SERVICE_PASSWORD) in environment variables. While the skill claims these are only stored locally, they become accessible to any process or AI agent running in that environment. - [COMMAND_EXECUTION] (HIGH): The 'Error Handling' and 'Authentication Flow' sections describe a process where the agent handles 2FA by reading codes from 'iMessage notification'. Accessing a user's private messages typically requires excessive system permissions and poses a severe privacy risk.
- [PROMPT_INJECTION] (LOW): The 'Self-Improvement Instructions' section directs the agent to 'Update skill with new webinar features' and 'Log successful scheduling patterns' based on its own observations, which is a form of self-modifying behavior that could be exploited via indirect injection if it encounters malicious UI elements.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/install.sh, https://canifi.com/skills/zoom/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata