twilio-agent-connect

Warn

Audited by Snyk on May 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill processes untrusted, user-generated messages received via Twilio webhooks (SMS/WhatsApp/Chat/Voice) — e.g., the on_message_ready/onMessageReady callbacks in SKILL.md append user_message to conversation_history and pass it directly into LLM calls — allowing third-party content to influence agent actions and responses.

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 13, 2026, 11:20 PM
Issues: 1