telnyx-texml-python

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly states that Telnyx will fetch TeXML from the XML Request URL (e.g., the voice_url/voice_fallback_url fields shown in "Initiate an outbound call" and "Creates a TeXML Application"), meaning arbitrary external URLs can supply TeXML (user-generated/untrusted) that is fetched and interpreted at runtime to control call behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). Telnyx explicitly fetches TeXML from the configured XML Request URL (voice_url, e.g. https://example.com) at call time and that remote TeXML controls call prompts/instructions, so this is a runtime external dependency that can directly control agent behavior.