The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external webhook events and has the capability to execute API commands based on that data.
Ingestion points: Incoming webhook payloads are processed in the handleWebhook example within SKILL.md.
Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings for data extracted from the webhooks.
Capability inventory: The skill possesses capabilities to perform sensitive telephony operations including dial, answer, transfer, bridge, and hangup as detailed in SKILL.md.
Sanitization: The skill utilizes the official Telnyx SDK's client.webhooks().unwrap() method to perform Ed25519 signature verification on incoming requests.

telnyx-voice-java