send-sms
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to the well-known Twilio API at api.twilio.com to send messages. Communication with this trusted service is necessary for the skill's primary function and follows standard integration practices.
- [COMMAND_EXECUTION]: The skill executes a local shell script (scripts/run.sh) and provides curl command examples to interface with the Twilio API.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes external content for delivery via SMS.
- Ingestion points: User-provided content is accepted through the
message_bodyandto_phoneparameters. - Boundary markers: No explicit delimiters are present in the instruction template to isolate user input from the skill logic.
- Capability inventory: The skill uses curl to perform authenticated network POST requests and executes a bundled bash script.
- Sanitization: The implementation uses curl's
--data-urlencodeflag, which ensures that user-provided message content is properly escaped before being sent to the external API.
Audit Metadata