telnyx-ai-assistants-go

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes parameters that fetch and ingest content from arbitrary external URLs—notably DynamicVariablesWebhookUrl (references/api-details.md) and the Get Assistant parameter FetchDynamicVariablesFromWebhook, plus tool/webhook/retrieval and MCP server Url fields—which means untrusted third-party responses can be read and used as dynamic variables that materially influence assistant behavior.