How does it help with IVR security?

It helps identify vulnerabilities in Interactive Voice Response systems like PIN brute-forcing, undocumented debug menus, and improper handling of sensitive data in call recordings.

Does it support VoIP protocols like SIP?

Absolutely, it includes checks for SIP registration hijacking, digest authentication brute forcing, and enforcing SRTP with DTLS-SRTP key exchange.

Can this skill help prevent SIM swap attacks?

Yes, it provides specific audit methodologies and remediation steps to mitigate SIM swap risks in authentication flows, including suggesting alternatives like TOTP or WebAuthn.

Can I use it to audit Twilio or Plivo integrations?

Yes, the skill identifies common anti-patterns in telephony API usage, such as missing webhook signature verification, rate-limiting gaps, and credential leakage.

What legacy protocols does this skill cover?

It provides context and attack surface analysis for legacy signaling protocols including SS7, MAP, and early Diameter implementations used in roaming.

Telecom Security Audit

Name: Telecom Security Audit
Author: plurigrid

byplurigrid

•

Security & Testing

Audits telecommunications infrastructure and telephony-dependent security controls to identify vulnerabilities in VoIP, SMS authentication, and cellular protocols.

The Telecom Security Audit skill equips Claude with deep domain expertise to assess the security of modern and legacy telephony systems. It provides comprehensive guidance for auditing SMS-based multi-factor authentication, VoIP/SIP infrastructure, IVR systems, and carrier-grade signaling protocols like SS7 and Diameter. Whether reviewing telephony API integrations or identifying SIM swap risks, this skill helps developers and security researchers implement robust defenses against phreaking, interception, and toll fraud.

Key Features

01Telephony API security for Twilio, Vonage, and Plivo integrations

02SMS 2FA and MFA bypass vector assessment

03VoIP and SIP infrastructure vulnerability analysis

047 GitHub stars

05IVR and DTMF security logic auditing

06Cellular protocol signaling reviews (SS7, Diameter, 4G/5G)

Use Cases

01Securing enterprise VoIP PBX systems and SIP trunks against toll fraud and eavesdropping

02Hardening application authentication flows against SIM swapping and SMS interception

03Reviewing IVR systems for undocumented menu traversal and sensitive data disclosure

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add plurigrid/asi telecom-security

For use in Claude.ai and ChatGPT

Download Skill