Twilio SMS Automation
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: Analysis of the skill instructions and code snippets reveals no malicious intent, obfuscation, or unauthorized access to sensitive system resources. The skill serves as a functional bridge for Twilio communication services.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to process external message content and interpolate untrusted data into templates. This is a common characteristic of communication-based skills.\n
- Ingestion points: Incoming SMS request bodies and template variables defined in the configuration sections.\n
- Boundary markers: The provided examples do not demonstrate the use of delimiters or explicit instructions to the model to ignore embedded commands in the processed data.\n
- Capability inventory: The skill uses tools for SMS transmission, voice calls, and phone number verification.\n
- Sanitization: Input sanitization is not explicitly implemented in the provided logic snippets, which is typical for reference implementations.
Audit Metadata