They wouldn't do it "intentionally". It would be an mistake "accidentally" made by a Developer or AI, that under the right conditions allows Zoom employees, etc arbitrary file reads on the host...