Skip to main content

build-zoom-phone-integration

Facilitates integration with Zoom Phone for call handling, CRM, and automation using APIs and webhooks.

Install this skill

or
44/100

Security score

The build-zoom-phone-integration skill was audited on May 14, 2026 and we found 12 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 3

Webhook reference - potential data exfiltration

SourceSKILL.md
3description: "Reference skill for Zoom Phone. Use after routing to a phone workflow when implementing OAuth, Phone APIs, webhooks, Smart Embed events, URI schemes, CRM or CTI dialers, or call handling
medium line 8

Webhook reference - potential data exfiltration

SourceSKILL.md
8- "zoom phone webhook"
medium line 19

Webhook reference - potential data exfiltration

SourceSKILL.md
19Background reference for Zoom Phone integrations across API, webhook, Smart Embed, and URI-launch workflows.
medium line 21

Webhook reference - potential data exfiltration

SourceSKILL.md
21Implementation guidance for Zoom Phone integrations across API, webhook/event, Smart Embed, and URI-launch workflows.
medium line 30

Webhook reference - potential data exfiltration

SourceSKILL.md
30- If the user needs call records, analytics, or automation, use Phone REST API and webhooks ([references/deprecations-and-migrations.md](references/deprecations-and-migrations.md)).
medium line 57

Webhook reference - potential data exfiltration

SourceSKILL.md
57- REST + webhooks
medium line 59

Webhook reference - potential data exfiltration

SourceSKILL.md
594. Capture real-time events (Smart Embed events and/or webhooks).
medium line 62

Webhook reference - potential data exfiltration

SourceSKILL.md
627. Harden security (origin validation, webhook signature validation, least-privilege scopes).
medium line 70

Webhook reference - potential data exfiltration

SourceSKILL.md
70- Real-time operational board driven by `phone.*` webhook events.
medium line 80

Webhook reference - potential data exfiltration

SourceSKILL.md
80- Event delivery and signature validation: [../webhooks/SKILL.md](../webhooks/SKILL.md)
medium line 85

Access to .env file

SourceSKILL.md
85- See [references/environment-variables.md](references/environment-variables.md) for standardized `.env` keys and where to find each value.
low line 24

External URL reference

SourceSKILL.md
24- https://developers.zoom.us/docs/phone/
Scanned on May 14, 2026
View Security Dashboard
Installation guide →
GitHub Stars 12.2K
Rate this skill
Categorysales
UpdatedMay 20, 2026
openclawapicustomer-success-managersales-engineerbusiness-developmenttechnical-supportproduct-managersalessupportproduct
anthropics/knowledge-work-plugins