twilio-conversation-orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to list and read Conversations and Communications (messages and voice transcriptions) via the Conversations API (see "Read Conversations and Communications" code samples and the "Read Communications (messages + voice utterances) within a Conversation" CAN list), meaning it ingests user-generated third‑party messages/transcripts which can be analyzed by Intelligence operators and therefore could materially influence actions.