telnyx-voice-streaming-javascript
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the telnyx npm package, which is the official SDK for the Telnyx platform. This is a trusted vendor resource.
- [PROMPT_INJECTION]: The skill provides access to untrusted external data through voice transcription, creating a surface for indirect prompt injection. 1. Ingestion points: Call transcription webhooks. 2. Boundary markers: None specified. 3. Capability inventory: SDK methods for call control and media management (SKILL.md). 4. Sanitization: No sanitization or filtering of transcribed text is defined. This allows potentially malicious spoken content to enter the agent's context.
Audit Metadata