telnyx-ai-inference-go

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill includes an "Embed URL content" endpoint (POST /ai/embeddings/url) that crawls and ingests website pages (main URL plus linked child pages) from arbitrary public URLs into Telnyx storage for embedding, meaning untrusted third-party web content can be read and incorporated into AI workflows and thus could indirectly inject instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill exposes the POST /ai/embeddings/url endpoint which at runtime fetches arbitrary website content from the user-supplied "url" and loads it into Telnyx storage/embeddings (i.e., remote content is fetched and can be injected into the model context, thereby controlling prompts), so this runtime URL fetch meets the criteria for a risky external dependency.