telnyx-webrtc-client-flutter
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes official vendor packages including 'telnyx_webrtc' and references the 'telnyx_common' library on the official Dart package registry (pub.dev). These are trusted resources owned by the skill author.
- [PROMPT_INJECTION]: The skill facilitates AI Agent integration by processing real-time transcripts and call metadata. This creates an attack surface for indirect prompt injection where external voice or text data could attempt to influence the agent's behavior. This is documented as a core feature and is considered safe within the primary use case of a communication SDK.\n
- Ingestion points: 'onTranscriptUpdate' callback and 'onSocketMessageReceived' (INVITE params) in SKILL.md.\n
- Boundary markers: None identified in the documentation examples.\n
- Capability inventory: Audio recording, call management (accept/decline/end), and sending text messages to an AI assistant.\n
- Sanitization: Not explicitly mentioned in the provided implementation examples.
Audit Metadata