twilio-api
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices by recommending environment variables for sensitive credentials like account SIDs and auth tokens rather than hardcoding them in scripts.
- [SAFE]: Includes comprehensive implementation details for webhook signature verification using HMAC-SHA1, which is a critical security control for ensuring incoming requests originate from a trusted source.
- [SAFE]: Implements output escaping for TwiML responses to prevent XML-related vulnerabilities when responding to automated telephony webhooks.
- [EXTERNAL_DOWNLOADS]: The skill references the official Twilio Node.js SDK and public API endpoints, which are well-known and trusted services for communication infrastructure.
Audit Metadata