telnyx-messaging-curl
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation and code examples for using the Telnyx API. All network operations use curl to communicate with the official vendor domain (api.telnyx.com).
- [SAFE]: Authentication is handled via an environment variable ($TELNYX_API_KEY) with a clear placeholder for users (YOUR_API_KEY_HERE), which is a secure practice to prevent credential leakage.
- [SAFE]: The skill defines a surface for indirect prompt injection by processing inbound message text (data.payload.text). However, it does not instruct the agent to execute code or perform high-risk actions based on this content, and no exploitable capabilities (like eval or filesystem access) are provided within the skill's instructions.
- [SAFE]: Webhook verification instructions correctly advise users to verify Ed25519 signatures, promoting secure integration patterns for production environments.
Audit Metadata