Skills
skills/team-telnyx/telnyx-skills/telnyx-iot-java/Gen Agent Trust Hub

telnyx-iot-java

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes data from the Telnyx API, which creates a surface for indirect prompt injection if external entities can influence resource metadata processed by the agent.
  • Ingestion points: Resource lists and details fetched via GET endpoints (e.g., client.simCards().list() and client.simCardGroups().list() in SKILL.md).
  • Boundary markers: No explicit delimiters or boundary instructions are provided in the documentation to isolate API response data from agent instructions.
  • Capability inventory: The skill allows for high-impact operations including purchasing eSIMs (client.actions().purchase().create), registering SIM cards, and decommissioning resources (client.simCards().delete).
  • Sanitization: No specific sanitization or validation of API response content is mentioned before it enters the agent's context.
  • [EXTERNAL_DOWNLOADS]: The skill references the official Telnyx Java SDK (com.telnyx.sdk:telnyx-java:6.26.0) for its implementation examples.
  • [SAFE]: The skill demonstrates best practices for credential security by using TelnyxClient.fromEnv() to load API keys from environment variables rather than hardcoding them.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 05:52 PM
Security Audit — agent-trust-hub — telnyx-iot-java