Skills
skills/team-telnyx/telnyx-skills/telnyx-webrtc-client-ios/Gen Agent Trust Hub

telnyx-webrtc-client-ios

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions facilitate downloading the TelnyxRTC SDK from the official Telnyx GitHub repository (github.com/team-telnyx) and the CocoaPods registry.\n- [DATA_EXFILTRATION]: By default, the SDK transmits diagnostic call quality metrics and WebRTC statistics to Telnyx-owned servers (voice-sdk-proxy). This is a standard telemetry feature for VoIP services to monitor service reliability and is configurable via the TxConfig object.\n- [COMMAND_EXECUTION]: The documentation directs the user to execute pod install --repo-update to install required dependencies via CocoaPods.\n- [PROMPT_INJECTION]: The skill implements a handler for incoming VoIP push notifications that extracts caller metadata (name and number) from an external payload, presenting an indirect injection surface.\n
  • Ingestion points: The handleVoIPPush function in SKILL.md extracts data from PKPushPayload.\n
  • Boundary markers: Absent.\n
  • Capability inventory: Network signaling and audio session management via the TxClient class.\n
  • Sanitization: Absent; the code uses Swift type casting and default values for data extraction.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 05:53 PM