Skip to main content

twilio-agent-connect

Integrates third-party LLM agent runtimes with Twilio's communication services for enhanced customer interactions.

Install this skill

or
15/100

Security score

The twilio-agent-connect skill was audited on May 24, 2026 and we found 19 security issues across 4 threat categories, including 1 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 183

Template literal with variable interpolation in command context

SourceSKILL.md
183const systemPrompt = SYSTEM_INSTRUCTIONS + (memoryContext ? `\n\n${memoryContext}` : '');
medium line 428

Template literal with variable interpolation in command context

SourceSKILL.md
428const systemPrompt = SYSTEM_INSTRUCTIONS + `\n\n${memoryContext}`;
medium line 308

Webhook reference - potential data exfiltration

SourceSKILL.md
3081. **Webhook/Connection Received** - Twilio sends webhook (messaging) or WebSocket connection (voice)
medium line 347

Webhook reference - potential data exfiltration

SourceSKILL.md
347- Fire-and-forget webhook processing with immediate 200 response
low line 374

Webhook reference - potential data exfiltration

SourceSKILL.md
374@app.post("/ci-webhook")
low line 375

Webhook reference - potential data exfiltration

SourceSKILL.md
375async def ci_webhook_handler(request: Request):
medium line 498

Webhook reference - potential data exfiltration

SourceSKILL.md
498- Use immediate 200 responses for webhooks to prevent retries
medium line 506

Webhook reference - potential data exfiltration

SourceSKILL.md
506- Implement webhook signature validation (Twilio SDK provides helpers)
medium line 507

Webhook reference - potential data exfiltration

SourceSKILL.md
507- Use HTTPS for all webhook endpoints
medium line 511

Webhook reference - potential data exfiltration

SourceSKILL.md
511- Use ngrok for local webhook testing
medium line 513

Webhook reference - potential data exfiltration

SourceSKILL.md
513- Implement logging for debugging webhook processing
medium line 522

Webhook reference - potential data exfiltration

SourceSKILL.md
522- Check profile_id is present in webhook data
medium line 532

Webhook reference - potential data exfiltration

SourceSKILL.md
532- Ensure webhook returns 200 immediately
medium line 223

Ngrok tunnel reference

SourceSKILL.md
223TWILIO_VOICE_PUBLIC_DOMAIN=your-domain.ngrok.io
high line 511

Ngrok tunnel reference

SourceSKILL.md
511- Use ngrok for local webhook testing
medium line 454

Access to .env file

SourceSKILL.md
454- Generates `.env` file with all required credentials
low line 433

External URL reference

SourceSKILL.md
433- **Quickstart Guide**: https://www.twilio.com/docs/platform/tac/quickstart
low line 434

External URL reference

SourceSKILL.md
434- **Overview Documentation**: https://www.twilio.com/docs/platform/tac/overview
low line 448

External URL reference

SourceSKILL.md
448make setup # Opens http://localhost:8080
Scanned on May 24, 2026
View Security Dashboard
Installation guide →
GitHub Stars 1.2K
Rate this skill
Categorysales
UpdatedJune 10, 2026
openclawapicustomer-success-managersales-engineertechnical-supportbusiness-developmentml-ai-engineertwilioopenaisalessupportdevelopment
openai/plugins