telnyx-texml-javascript

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly says Telnyx "will request TeXML from the XML Request URL configured for the connection" (see the "Initiate an outbound TeXML call" note and voice_url fields in the TeXML Application create/update sections), meaning the runtime fetches arbitrary external URLs whose TeXML can contain instructions that materially change call behavior.