telnyx-ai-assistants-python
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data through chat messages and configuration parameters which could contain instructions designed to manipulate agent behavior (Indirect Prompt Injection).
- Ingestion points: The
contentparameter inclient.ai.assistants.chat()and theinstructionsparameter inclient.ai.assistants.create()(found in SKILL.md). - Boundary markers: The skill does not implement or recommend delimiters or safety instructions to isolate untrusted content.
- Capability inventory: The skill provides access to resource deletion (
client.ai.assistants.delete()), SMS messaging (client.ai.assistants.send_sms()), and external tool integration via MCP (client.ai.mcp_servers.create()) in SKILL.md. - Sanitization: There is no evidence of input validation, filtering, or escaping for user-provided strings.
- [COMMAND_EXECUTION]: The
client.ai.mcp_servers.createmethod allows for the configuration of Model Context Protocol servers using a URL, enabling the agent to dynamically extend its capabilities with external tools.
Audit Metadata