telnyx-messaging-ruby
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes inbound SMS/MMS messages through the inboundMessage webhook event. If an AI agent uses this skill to read and act upon the content of these messages, it may be vulnerable to indirect prompt injection where malicious instructions in the message text override the agent's core guidelines.
- Ingestion points: data.payload.text in the inboundMessage webhook section of SKILL.md.
- Boundary markers: Not provided in the implementation examples.
- Capability inventory: The skill can send messages, manage alphanumeric sender IDs, and configure auto-response settings.
- Sanitization: No sanitization or validation of the message body is shown in the provided Ruby examples.
Audit Metadata