skills/twilio/ai/twilio-customer-memory/Snyk

twilio-customer-memory

Warn

Audited by Snyk on May 13, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill explicitly retrieves customer-written observations and conversation summaries from the public Memory API (memory.twilio.com — e.g., Profiles/{profile_id}/Recall) and injects those untrusted, user-generated contents directly into the LLM system prompt (SKILL.md recall examples), so third-party content can materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill issues runtime calls to memory.twilio.com (e.g., POST https://memory.twilio.com/v1/Services/{memory_store_sid}/Profiles/{profile_id}/Recall) and injects the returned observations/summaries directly into the LLM system prompt, so external content from that URL can control agent prompts.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 13, 2026, 11:20 PM

Issues

2

Security Audit — snyk — twilio-customer-memory