Skip to main content

telnyx-whatsapp-javascript

Enables sending WhatsApp messages and managing templates via the Telnyx WhatsApp Business API using JavaScript.

Install this skill

or
26/100

Security score

The telnyx-whatsapp-javascript skill was audited on May 13, 2026 and we found 18 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 48

Template literal with variable interpolation in command context

SourceSKILL.md
48console.log(`API error: ${error.status} - ${error.message}`);
medium line 188

Template literal with variable interpolation in command context

SourceSKILL.md
188console.log(`${waba.id}: ${waba.name} (${waba.status})`);
medium line 214

Template literal with variable interpolation in command context

SourceSKILL.md
214console.log(`${tmpl.id}: ${tmpl.name} (${tmpl.category}) - ${tmpl.status}`);
medium line 246

Template literal with variable interpolation in command context

SourceSKILL.md
246console.log(`Template created: ${response.data.id} (status: ${response.data.status})`);
medium line 258

Template literal with variable interpolation in command context

SourceSKILL.md
258console.log(`${pn.phone_number} - quality: ${pn.quality_rating}`);
medium line 87

Webhook reference - potential data exfiltration

SourceSKILL.md
87Do not invent Telnyx parameters, enums, response fields, or webhook fields.
medium line 91

Webhook reference - potential data exfiltration

SourceSKILL.md
91- Before reading or matching webhook fields beyond the inline examples, read [the webhook payload reference](references/api-details.md#webhook-payload-fields).
medium line 108

Webhook reference - potential data exfiltration

SourceSKILL.md
108| `webhook_url` | string (URL) | No | Callback URL for delivery status updates |
medium line 264

Webhook reference - potential data exfiltration

SourceSKILL.md
264### Webhook Verification
medium line 266

Webhook reference - potential data exfiltration

SourceSKILL.md
266Telnyx signs webhooks with Ed25519. Always verify signatures in production:
low line 269

Webhook reference - potential data exfiltration

SourceSKILL.md
269import { Webhook } from 'telnyx';
low line 271

Webhook reference - potential data exfiltration

SourceSKILL.md
271const event = Webhook.constructEvent(
medium line 279

Webhook reference - potential data exfiltration

SourceSKILL.md
279## Webhooks
medium line 281

Webhook reference - potential data exfiltration

SourceSKILL.md
281These webhook payload fields are inline because they are part of the primary integration path.
medium line 320

Webhook reference - potential data exfiltration

SourceSKILL.md
320| Configure webhooks | `client.whatsapp.businessAccounts.settings.update()` | Subscribe to events |
medium line 333

Webhook reference - potential data exfiltration

SourceSKILL.md
333| Configure webhooks | `client.whatsapp.businessAccounts.settings.update()` | `PATCH /v2/whatsapp/business_accounts/:id/settings` | `waba_id` |
low line 25

Access to .env file

SourceSKILL.md
25const client = new Telnyx({ apiKey: process.env['TELNYX_API_KEY'] });
low line 25

Reading sensitive environment variables

SourceSKILL.md
25const client = new Telnyx({ apiKey: process.env['TELNYX_API_KEY'] });
Scanned on May 13, 2026
View Security Dashboard
Installation guide →
GitHub Stars 176
Rate this skill
Categorymarketing
UpdatedJune 13, 2026
github-copilotchatgptclaude-codecursoropencodewindsurfclineroo-codeampgoosetraeantigravitygemini-cliapicross-platformgrowth-marketeradvertising-specialistsocial-media-managertwiliomarketing
team-telnyx/ai