twilio-phone
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): The skill documentation and the `upload_audio` function in `scripts/voice_call.py` explicitly use `https://tmpfiles.org/api/v1/upload`. This domain is flagged as a Botnet-related URL by security scanners.
- [DATA_EXFILTRATION] (HIGH): User-generated audio content is uploaded to an unauthenticated, flagged third-party service (tmpfiles.org), risking exposure of sensitive communication.
- [COMMAND_EXECUTION] (LOW): The Python script executes `curl` and `twilio` CLI commands via `subprocess.run`. While it uses list-based arguments to mitigate shell injection, it relies on the security and availability of external binaries.
- [CREDENTIALS_UNSAFE] (LOW): The skill requires an `ELEVENLABS_API_KEY` and suggests storing it in a `.env` file, which requires careful local management to prevent accidental exposure.
- [PROMPT_INJECTION] (LOW): (Category 8) This skill presents a surface for indirect prompt injection via the `args.message` input.
  1. Ingestion point: `args.message` in `scripts/voice_call.py`.
  2. Boundary markers: Absent.
  3. Capability inventory: `subprocess.run` calls to `curl` and `twilio`.
  4. Sanitization: Absent.
Recommendations
- AI detected serious security threats
- Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata