telnyx-voice-gather-java

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill starts an AI assistant and gathers caller input (see ai_assistant_start, gather_using_ai and the webhooks CallAIGatherEnded / CallAIGatherMessageHistoryUpdated) and also accepts external media via audio_url/invalid_audio_url in gather_using_audio, which clearly ingests untrusted, user-generated third-party content (call audio/messages) that the agent reads and can influence subsequent actions.