← 返回 Skills 市场
1996
总下载
1
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install zoom-manager-clawd
功能描述
Manage Zoom meetings via OAuth API. Create, list, delete, and update events.
安全使用建议
This skill likely does what it claims (talks to Zoom's REST API) but has packaging and documentation mismatches that could expose credentials or cause runtime errors. Before installing or running it: 1) Ask the publisher which script is canonical (zoom-cli.js vs the per-action scripts) and whether credentials should be provided via environment variables or a config.json. 2) Prefer keeping secrets in environment variables (not stored in config.json on disk); if a config file is required, store it securely and restrict file permissions. 3) Review and fix the JS bugs (e.g., delete_meeting.js tries to use a fetch 'auth' option instead of an Authorization header). 4) Run the code in an isolated environment with least-privilege Zoom credentials (create a dedicated Server-to-Server OAuth app with only required scopes and use a non-production account). 5) Because the skill owner/source is unknown, treat credentials cautiously — do not reuse high-privilege production credentials until you confirm the packaging and credential storage behavior.
功能分析
Type: OpenClaw Skill
Name: zoom-manager-clawd
Version: 0.1.0
The skill is designed to manage Zoom meetings (create, list, update, delete) and interacts with the legitimate Zoom API. The `SKILL.md` correctly instructs the user to set Zoom API credentials as environment variables, and the primary entry point `scripts/zoom-cli.js` properly retrieves these secrets from `process.env`. While several other individual scripts (`scripts/create_meeting.js/py`, `scripts/delete_meeting.js/py`, etc.) attempt to load credentials from a non-existent `config.json` file, these scripts are not referenced in the `SKILL.md`'s command section, and the `config.json` file itself is not part of the skill bundle. This inconsistency is a minor code quality issue but does not indicate malicious intent or a direct vulnerability. The requested Zoom API scopes are broad but align with the skill's stated purpose.
能力评估
Purpose & Capability
The stated purpose (manage Zoom via Server-to-Server OAuth) matches the code which calls Zoom REST endpoints. Requesting Zoom client ID/secret/account ID is reasonable for that purpose. However, metadata and runtime behavior are inconsistent: SKILL.md metadata lists required Node binary and secrets, the registry shows no required env vars, and many scripts expect a local config.json rather than environment variables. The inclusion of both Node and Python scripts (and differing config approaches) is over-broad for a single, simple CLI skill and suggests packaging/maintenance issues.
Instruction Scope
SKILL.md instructs setting ZOOM_CLIENT_ID, ZOOM_CLIENT_SECRET, and ZOOM_ACCOUNT_ID env vars and running node zoom-cli.js. Many provided scripts (JS and Python) instead read a config.json in the repository parent directory for client_id/client_secret/account_id/user_id. That mismatch means agents or users following the SKILL.md instructions may have credentials ignored or duplicated into disk files. All network calls are to Zoom's API endpoints (no obvious exfiltration), but the instructions are inconsistent about where secrets live and which scripts are canonical.
Install Mechanism
No install spec — the skill is instruction/code-only, so nothing is downloaded at install time. That lowers supply-chain risk. All code is bundled in the skill payload rather than fetched from external URLs.
Credentials
Requesting Zoom OAuth credentials is appropriate for a Zoom manager. But the skill inconsistently documents and implements credential handling: SKILL.md metadata declares secrets (ZOOM_CLIENT_ID, ZOOM_CLIENT_SECRET, ZOOM_ACCOUNT_ID) while registry metadata lists none; zoom-cli.js reads env vars, while many other scripts require config.json with client_id/client_secret/account_id/user_id. This encourages storing sensitive credentials in a file (config.json) in the repository, increasing exposure risk. There is also an optional ZOOM_USER_ID in code not documented consistently. Verify where credentials will actually be stored and used before providing them.
Persistence & Privilege
always is false and the skill does not request any platform-wide persistence or special privileges. It does not attempt to modify other skills or agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install zoom-manager-clawd - 安装完成后,直接呼叫该 Skill 的名称或使用
/zoom-manager-clawd触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release: Manage Zoom meetings from Clawdbot via OAuth.
- Create, list, update, and delete Zoom meetings using CLI or natural language.
- Uses secure Server-to-Server OAuth authentication.
- Supports cloud recording by default.
- Node.js implementation designed for easy automation and integration.
- No browser required; interacts directly with Zoom REST API v2.
- Includes detailed setup and command instructions.
元数据
常见问题
Zoom Manager 是什么?
Manage Zoom meetings via OAuth API. Create, list, delete, and update events. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1996 次。
如何安装 Zoom Manager?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install zoom-manager-clawd」即可一键安装,无需额外配置。
Zoom Manager 是免费的吗?
是的,Zoom Manager 完全免费(开源免费),可自由下载、安装和使用。
Zoom Manager 支持哪些平台?
Zoom Manager 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Zoom Manager?
由 Vladimir(@vnagin)开发并维护,当前版本 v0.1.0。
推荐 Skills