Twilio SMS Automation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from incoming SMS messages, creating a surface for indirect prompt injection attacks.
- Ingestion points: Incoming SMS message bodies are processed via webhooks as documented in the Handle Incoming SMS section of SKILL.md.
- Boundary markers: There are no delimiters or instructions provided to the agent to ignore potentially malicious content within the incoming message.
- Capability inventory: The skill utilizes MCP tools including twilio_send_sms, twilio_voice_call, twilio_lookup, and twilio_verify.
- Sanitization: The skill lacks explicit sanitization or validation of the message body before it is used to influence agent behavior.
Audit Metadata