telnyx-voice-media-go

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill can ingest untrusted third-party content: it accepts arbitrary audio URLs in the "Play audio URL" endpoint (audio_url/media_url) and receives caller-generated transcriptions via webhooks like call.recording.transcription.saved (data.payload.transcription_text), both of which the agent would read and which can influence subsequent call-control actions.