telnyx-account-java
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill contains documentation and code examples for a legitimate service.
- [EXTERNAL_DOWNLOADS]: The skill references the official Telnyx Java SDK on GitHub (github.com/team-telnyx/telnyx-java). This is a trusted vendor resource.
- [DATA_EXFILTRATION]: Credential management is handled safely via environment variables (TelnyxOkHttpClient.fromEnv()), avoiding hardcoded secrets.
- [PROMPT_INJECTION]: The skill ingests data from external Telnyx API responses (audit logs, webhooks in SKILL.md), which constitutes an indirect prompt injection surface. Evidence: 1. Ingestion points: Audit log entries and webhook debug data. 2. Boundary markers: None present in code snippets. 3. Capability inventory: Network requests to Telnyx API. 4. Sanitization: Not demonstrated in basic examples. This surface is inherent to the skill's primary function and is assessed as safe given the context and lack of dangerous capabilities.
Audit Metadata