zoom-meeting-sdk-web

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill clearly loads and runs remote JavaScript from Zoom's CDN at runtime (e.g. https://source.zoom.us/{VERSION}/zoom-meeting-embedded-{VERSION}.min.js) — which executes remote code required for the skill — and also recommends cloning/running the auth endpoint repo (https://github.com/zoom/meetingsdk-auth-endpoint-sample) to fetch and execute backend code; both are runtime/execution dependencies.