telnyx-ai-inference-python

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Embed URL content" endpoint (POST /ai/embeddings/url) explicitly crawls and loads website content and child pages from arbitrary URLs into a storage bucket for embedding and later similarity search, meaning untrusted public web content is fetched and then read/used by the system—allowing third-party instructions to influence embeddings/search and downstream model behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill exposes POST /ai/embeddings/url which fetches a user-specified external website (the "url" parameter) at runtime and stores/embed its content (retrievable later via /ai/embeddings/similarity-search as document chunks), meaning fetched remote content can directly influence model prompts/context.