telnyx-voice-gather-ruby

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md specifically documents starting an AI assistant and the Gather Using AI endpoint (POST /calls/{call_control_id}/actions/gather_using_ai) and webhook events like CallAIGatherMessageHistoryUpdated/CallAIGatherPartialResults that deliver caller message_history and partial results—i.e., the agent ingests untrusted, user-provided speech/text from third-party callers which the assistant is expected to read and use to drive actions—creating a clear route for indirect prompt injection.