twilio-enterprise-knowledge

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a retrieval-augmented generation (RAG) pattern, which creates an inherent surface for indirect prompt injection.
      • Ingestion points: Data is ingested from the Twilio Knowledge Base search results via the https://knowledge.twilio.com/v1/KnowledgeBases/{kb_id}/Search endpoint, which may include crawled web content or uploaded documents (SKILL.md).
      • Boundary markers: In the provided Python and Node.js examples, retrieved content chunks are interpolated into the system prompt without explicit delimiters or instructions to ignore embedded commands (SKILL.md).
      • Capability inventory: The skill itself is limited to API interactions, but it is intended to provide context to agents that may have broader execution capabilities.
      • Sanitization: The examples demonstrate direct interpolation of external content into the LLM prompt without sanitization or validation (SKILL.md).
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 07:12 AM