The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill documents how to ingest external message content from the Twilio Body parameter. It provides a mandatory security warning to developers, advising them to treat this input as untrusted and to isolate it using boundary markers when passing it to an LLM.
Ingestion points: SKILL.md (within the incoming_message route handlers).
Boundary markers: The instructions explicitly recommend isolating message content as user input and avoiding direct concatenation into system prompts.
Capability inventory: The provided scripts are limited to returning TwiML responses; no file system, subprocess, or dynamic code execution capabilities are present.
Sanitization: The skill provides full implementation examples for X-Twilio-Signature validation to ensure requests originate from the trusted provider.
[DATA_EXPOSURE]: The skill references sensitive Twilio credentials (TWILIO_ACCOUNT_SID, TWILIO_AUTH_TOKEN) but correctly directs users to secure them via environment variables and provides code snippets that implement this standard practice.
[EXTERNAL_DOWNLOADS]: The skill recommends installing standard, well-known libraries (twilio, flask, express) from official package registries for legitimate integration purposes.

twilio-messaging-webhooks