telnyx-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — SKILL.md includes webhook handlers (Quick Reference #3 and the Two‑Way Conversation State Machine in Quick Reference #8) that parse and act on incoming Telnyx webhook/SMS payloads (user-generated, third‑party content) and it also queries public Telnyx APIs (e.g., curl calls to https://api.telnyx.com) whose responses directly influence decisions and actions, so untrusted third‑party content can materially affect behavior.