telnyx-voice-gather-javascript

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill accepts and processes caller/user-generated content via the AI gather endpoints (e.g., POST /calls/{call_control_id}/actions/gather_using_ai and the ai_assistant_start flow) and receives webhook events that include message_history (CallAIGatherMessageHistoryUpdated / CallAIGatherPartialResults), which the agent is expected to read and act on—exposing it to untrusted third-party input that could influence behavior.