telnyx-whatsapp-python

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected. The skill implements standard API integration patterns using the official vendor SDK and follows established best practices for secure credential handling.
  • [EXTERNAL_DOWNLOADS]: The skill specifies the installation of the official telnyx Python package via pip, which is the expected and legitimate library for interacting with the vendor's API.
  • [PROMPT_INJECTION]: The skill handles untrusted data by allowing the agent to populate message bodies and parameters for WhatsApp messages. While this creates a surface for indirect prompt injection, this is inherent to the skill's primary function of messaging, and no specific exploits or safety bypasses were detected.
  • [CREDENTIALS_UNSAFE]: The skill correctly demonstrates accessing the TELNYX_API_KEY via environment variables using os.environ.get(), avoiding the risk of hardcoded secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 04:25 AM