telnyx-voice-gather-java

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill clearly ingests untrusted, third‑party user content: SKILL.md documents starting an AI assistant and AI-powered gathers that process caller speech and message_history (Start AI Assistant, Gather using AI, webhooks like CallAIGatherPartialResults/CallAIGatherEnded) and also accepts external audio via audio_url/invalid_audio_url in gather_using_audio, all of which the agent is expected to read/interpret and can materially influence call actions.