telnyx-tts-python
Pass
Audited by Gen Agent Trust Hub on Jul 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted text data through the
textparameter, creating a potential surface for indirect prompt injection. - Ingestion points:
textparameter in thegeneratemethod and CLI commands withinSKILL.md. - Boundary markers: No specific delimiters or boundary markers (like XML tags or clear separators) are suggested in the documentation to isolate input text.
- Capability inventory: The skill is capable of performing network API requests to the Telnyx TTS service; it does not exhibit file-system writes or arbitrary command-execution capabilities based on the processed text.
- Sanitization: No explicit input validation or sanitization is described in the provided examples.
- [SAFE]: The skill follows secure credential management practices by retrieving the API key from the environment (
TELNYX_API_KEY). - [SAFE]: The installation of the
telnyxPython package is a legitimate dependency provided by the vendor.
Audit Metadata