pp-twilio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md explicitly documents probing external webhook URLs with twilio-pp-cli webhook-audit --probe and supports delivering output to arbitrary webhook:<url> sinks, which causes the agent to fetch/inspect public third-party URLs and act on the HTTP results, exposing it to untrusted external content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires installing and running a third-party CLI fetched and executed at install/runtime (npm package via "npx -y @mvanhorn/printing-press" and Go module "github.com/mvanhorn/printing-press-library/library/social-and-messaging/twilio/cmd/twilio-pp-cli@latest"), so it pulls and executes remote code that directly affects the agent environment.