telnyx-voice-python

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

• Secret detected (high risk: 1.00). I scanned for high-entropy, literal values that could be usable credentials. The snippet call_control_id_to_bridge_with="v3:MdI91X4lWFEs7IgbBEOT9M4AigoY08M0WWZFISt1Yw2axZ_IiE4pqg" is a high-entropy, random-looking string with a "v3:" token prefix (consistent with Telnyx token formats) and is embedded directly in a code example — this meets the definition of a secret and could be a usable credential.

Ignored items and why:

• Numeric IDs like "1293384261075731499" and phone numbers (+18005550101) are not high-entropy secrets (they are resource identifiers or examples).
• Placeholder-like values such as "call_control_id", "connection_id", or the partially masked "7267xxxxxxxxxxxxxx" are clearly non-secrets or redacted/masked and are ignored per the rules.
• The client initialization uses os.environ.get("TELNYX_API_KEY") (no literal key present), so nothing to flag there.

Therefore I flag the single high-entropy literal token shown above as a secret.