twilio-conversations
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches installation scripts from NodeSource, which is a well-known and trusted service provider for the Node.js runtime.
- [COMMAND_EXECUTION]: Utilizes system package managers (apt-get, dnf, brew) and systemd for environment configuration and lifecycle management of the messaging service.
- [REMOTE_CODE_EXECUTION]: Provides instructions to execute the official NodeSource setup script to install Node.js as part of the initial system preparation.
- [PROMPT_INJECTION]: Ingests untrusted data from various messaging channels (SMS, WhatsApp, chat), which introduces a surface for indirect prompt injection.
- Ingestion points: Untrusted message content enters the system context via the Express webhook handler defined in
src/server.ts. - Boundary markers: The skill does not explicitly describe the use of delimiters when passing this untrusted content to the agent's prompts.
- Capability inventory: The skill grants the agent capabilities to create conversations, manage participants, and send messages through the Twilio API.
- Sanitization: The implementation includes
X-Twilio-Signaturevalidation to verify that the incoming webhook data originates from Twilio.
Audit Metadata