telnyx-voice-gather-ruby
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the official telnyx Ruby gem from the standard registry.
- [SAFE]: Demonstrates secure handling of credentials using environment variables (TELNYX_API_KEY).
- [SAFE]: Provides implementation examples for validating webhook authenticity using Ed25519 signatures, which is a security best practice.
- [PROMPT_INJECTION]: The skill facilitates the processing of untrusted caller speech and DTMF data through an AI assistant, creating a surface for indirect prompt injection. * Ingestion points: Caller voice and DTMF input via gather_using_ai and assistant actions in SKILL.md. * Boundary markers: None provided in the examples to isolate caller input from instructions. * Capability inventory: Network API requests to Telnyx in SKILL.md. * Sanitization: Not addressed in the provided code examples.
Audit Metadata