telnyx-voice-media-python

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly accepts arbitrary audio URLs via the Play audio (audio_url) command and documents transcription/webhook events (call.recording.transcription.saved with data.payload.transcription_text), which means the skill ingests untrusted user-provided audio/text from callers or public URLs that could contain instructions influencing behavior.