telnyx-voice-streaming-curl

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly allows streaming call audio to an arbitrary stream_url (WebSocket) in the POST /calls/.../actions/streaming_start example and also uses real-time transcription/webhook events (call.transcription) that the agent is expected to consume and act on, meaning untrusted third-party endpoints or transcription engines could supply content that materially influences behavior.