twilio

Warn

Audited by Socket on Feb 19, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Backtick command substitution detected

All findings:
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

SUSPICIOUS (not directly malicious): The skill's stated purpose and capabilities match its implementation — it proxies Twilio API calls through Maton-managed endpoints and requires a MATON_API_KEY. There is no evidence in the documentation of obfuscated or malicious code, hardcoded secrets, or local data exfiltration. The security concern is architectural: credentials and OAuth tokens are handled by a third party (maton.ai), so users must trust Maton with access to their Twilio accounts. That increases supply-chain risk compared to direct Twilio API usage. If you plan to use this skill, review Maton’s security posture, token storage/rotation, scope limitations, and audit logs before granting access.

LLM verification: No direct malicious code, obfuscation, or system-level backdoors were found in the provided documentation and examples. The principal security concern is architectural: all Twilio API traffic and OAuth tokens are routed through Maton-controlled services (gateway.maton.ai, ctrl.maton.ai, connect.maton.ai). Using this skill requires trusting Maton to store and handle OAuth tokens and message content safely. If Maton is untrusted or compromised, credentials and message data could be exposed or abus

Confidence: 75%
Severity: 75%
Audit Metadata
Analyzed At
Feb 19, 2026, 01:53 AM
Package URL
pkg:socket/skills-sh/openclaw%2Fskills%2Ftwilio%2F@14d84313e920e248d6ff7f32dfee78d48de39bfe