build-zoom-team-chat-app
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation and reference library for building integrations on the Zoom platform.
- [SAFE]: Provided code implementations for webhook handling include security best practices, specifically the use of HMAC-SHA256 signature verification to ensure the authenticity of incoming requests.
- [SAFE]: The documentation provides clear guidance on managing sensitive credentials using environment variables, correctly identifying standard practices for secret management and warning against hardcoding sensitive data.
- [SAFE]: Recommended Node.js dependencies (e.g., express, dotenv, node-fetch) and tools (e.g., ngrok) are industry-standard for the described use cases.
- [SAFE]: External repository references for sample applications point exclusively to the official GitHub organization of the platform vendor.
- [SAFE]: Input validation and sanitization patterns, such as stripping control characters and enforcing message length limits, are integrated into the provided code examples.
- [SAFE]: No prompt injections, obfuscation, or unauthorized command execution patterns were found.
Audit Metadata