telnyx-ai-assistants-go

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly includes endpoints that fetch and ingest external, potentially untrusted content—notably "Import assistants from external provider" (POST /ai/assistants/import) and testing webhook tools/MCP server URLs (POST /ai/assistants/{assistant_id}/tools/{tool_id}/test and /ai/mcp_servers) which pull in assistant instructions and webhook responses that the agent is expected to read and which can materially alter behavior.