skills/twilio/skills/twilio-messaging-webhooks/Snyk

twilio-messaging-webhooks

Warn

Audited by Snyk on May 6, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests untrusted user-generated content from Twilio inbound webhooks (e.g., the SKILL.md Quickstart and "Inbound Webhook Parameters" showing request.form.get("Body") / req.body.Body), and the agent is expected to read/use that content to form replies, which could materially influence behavior.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 6, 2026, 02:15 PM

Issues

1

Security Audit — snyk — twilio-messaging-webhooks