telephony

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and instructs CLI commands that embed API keys/auth tokens as positional arguments (e.g., save-twilio AC... auth_token_here, save-bland your_bland_api_key), which would require the agent to output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly polls and ingests user-generated messages and call transcripts from third-party APIs (Twilio inbox via twilio-inbox and AI call transcripts/analysis via Bland.ai and Vapi) as shown in SKILL.md and implemented in scripts/telephony.py (_twilio_inbox, _bland_status, _vapi_status), so untrusted external content is read and can drive agent decisions.