telnyx-import-vapi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly says the import API "pulls assistant configurations directly from Vapi" and that "Instructions" are "Imported as-is" (via the POST https://api.telnyx.com/v2/ai/assistants/import flow), meaning untrusted, user-provided assistant content (including instructions, tool definitions, and server URLs) is ingested and can change agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill issues a runtime POST to https://api.telnyx.com/v2/ai/assistants/import which pulls assistant configurations (including instructions/greetings) from Vapi, meaning remote content fetched via that endpoint can directly control the agent's prompts.