Back to skill

Security audit

Twilio Comms

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Twilio command-line skill, but it can use a real Twilio account to contact real recipients and trigger verification codes.

Install only if you intend your agent to use your Twilio account. Prefer a dedicated Twilio subaccount or limited credentials, review every send/call/Verify command before it runs, use only authorized recipient numbers, and avoid listing messages or recordings unless you are comfortable exposing that communication content in the agent session.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The usage examples and description encourage sending SMS, voice calls, WhatsApp messages, and 2FA codes to real phone numbers, but the skill does not prominently warn users that these are live outbound actions with billing, privacy, and abuse implications. In this context, lack of warning is especially risky because mistakes can immediately contact unintended recipients, trigger real-world harassment/spam concerns, or send verification codes to third parties.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The CLI can send SMS/WhatsApp messages and place calls immediately based on command-line arguments, with no confirmation prompt, dry-run mode, allowlist, or other guardrail. In an agent/skill context, this increases the risk of unintended external actions, spam, charges, or social-engineering abuse if the tool is invoked with attacker-influenced input.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.