Zoom MCP
Zoom meetings MCP server for creating, listing, updating, and deleting Zoom meetings
Score Breakdown
Server Info
- Package
- @prathamesh0901/zoom-mcp-server
- Registry
- npm
- Repository
- prathamesh0901/zoom-mcp
- Maintainer
- Community
- Category
- Communication
- Tags
- videomeetingsconferencing
- Last Scanned
- 7 Apr 2026
Findings
5 issuesAuthentication & Identity
HIGHNo per-request auth - requires instance-per-user
Stdio-only transport. Uses Zoom Server-to-Server OAuth (account_credentials grant type) with client ID, secret, and account ID from env vars. The server fetches an access token from https://zoom.us/oauth/token at runtime using HTTP Basic auth. No MCP OAuth or HTTP transport support. For multi-tenant deployment, the platform must spawn a separate server instance per user.
Add HTTP/SSE transport to accept per-request Authorization headers, or implement the MCP OAuth spec.
Tool Schema Quality
MEDIUMOnly 1 of 4 schemas have parameter constraints
Most schemas lack maxLength, enum, or pattern constraints on string parameters.
Add constraints to string parameters, especially on write operations.
Data Exposure
LOWNo field selection on responses
Responses return full records rather than projected fields.
Implement field selection to return only relevant fields.
Maintenance & Trust
LOWCommunity-maintained by Prathamesh Mane
No official vendor backing.
Seek vendor verification.
HIGH6 dependency vulnerabilities (1 critical, 3 high)
npm audit found 1 critical and 3 high severity CVEs.
Run `npm audit fix` and update vulnerable dependencies.
Tools
4 total| Name | Description | Risk |
|---|---|---|
| get_meetings | Retrieve all active Zoom meetings | read |
| create_meeting | Create a new Zoom meeting | write |
| update_meeting | Update an existing Zoom meeting | write |
| delete_meeting | Delete an existing Zoom meeting | write |
Deploy Zoom MCP securely
CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.
Deploy on CompleteFlow