telnyx-messaging-python
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the official 'telnyx' Python package for installation. This is a legitimate and expected dependency for the service provided.
- [CREDENTIALS_UNSAFE]: Setup instructions recommend using environment variables ('TELNYX_API_KEY') to manage sensitive credentials, which is a secure practice that avoids hardcoding secrets.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill processes untrusted incoming message content via 'inboundMessage' webhooks.
- Ingestion points: Webhook payload fields in 'SKILL.md' and 'references/api-details.md'.
- Boundary markers: Absent. The example code does not define specific delimiters to isolate untrusted text.
- Capability inventory: The agent can send outbound messages ('client.messages.send') and modify messaging profile settings.
- Sanitization: Absent. The provided logic processes the 'text' field of incoming messages directly.
Audit Metadata