twilio-cli-reference
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides installation commands for the Twilio CLI using official package managers including Homebrew, Scoop, and npm. It also references the well-known tunneling service ngrok for local development tasks.
- [COMMAND_EXECUTION]: The skill facilitates the execution of various CLI commands to manage Twilio resources, such as purchasing phone numbers, sending SMS/Email, and deploying serverless functions.
- [PROMPT_INJECTION]: The skill enables the agent to ingest external data, creating a surface for indirect prompt injection. \n
- Ingestion points: Data enters the context via
twilio api:core:messages:listandtwilio watch. \n - Boundary markers: There are no instructions to the agent to disregard instructions contained within the message data it reads. \n
- Capability inventory: The skill allows the agent to execute shell commands and perform network-based communication tasks. \n
- Sanitization: There is no evidence of content filtering or sanitization of the retrieved communication logs.
Audit Metadata