telnyx-messaging-hosted-curl
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security vulnerabilities, malicious code, or suspicious patterns were detected. All network operations are directed at the official Telnyx API domain (api.telnyx.com) as expected for this vendor's skill.
- [COMMAND_EXECUTION]: The skill uses curl to demonstrate API interactions. This command execution is restricted to standard HTTP methods (GET, POST, PATCH, DELETE, PUT) and is consistent with the skill's stated purpose of providing REST API examples.
- [CREDENTIALS_UNSAFE]: The skill correctly uses environment variables with placeholders ('YOUR_API_KEY_HERE') for authentication instead of hardcoding sensitive credentials.
- [DATA_EXFILTRATION]: While the skill includes a file upload example using curl's form data feature ('-F "loa=@/path/to/file"'), it is used for legitimate document submission (Letters of Authorization) to the vendor's API and does not target sensitive system files.
Audit Metadata