sms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill ingests untrusted, user-generated SMS content via sms_listen.py (Twilio polling and Telnyx webhooks) which is stored in inbox.jsonl and then directly injected into the Claude prompt in scripts/sms_respond.py (build_prompt) to generate replies and update memory/state, allowing third-party text to influence tool use and actions.