telnyx-whatsapp-python
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill implements standard API integration patterns using the official vendor SDK and follows established best practices for secure credential handling.
- [EXTERNAL_DOWNLOADS]: The skill specifies the installation of the official
telnyxPython package via pip, which is the expected and legitimate library for interacting with the vendor's API. - [PROMPT_INJECTION]: The skill handles untrusted data by allowing the agent to populate message bodies and parameters for WhatsApp messages. While this creates a surface for indirect prompt injection, this is inherent to the skill's primary function of messaging, and no specific exploits or safety bypasses were detected.
- [CREDENTIALS_UNSAFE]: The skill correctly demonstrates accessing the
TELNYX_API_KEYvia environment variables usingos.environ.get(), avoiding the risk of hardcoded secrets.
Audit Metadata