telegram-automation
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires the addition of an external MCP server from
https://rube.app/mcp. Since this domain is not within the defined trusted source scope, the tool definitions and behavior are unverifiable and controlled by an external party. - [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection as it ingests untrusted content from the Telegram API. An attacker sending messages to the bot could attempt to manipulate the agent's behavior.
- Ingestion points:
TELEGRAM_GET_UPDATES,TELEGRAM_GET_CHAT_HISTORY. - Boundary markers: Absent. No delimiters or instructions are provided to the agent to treat message content as untrusted data.
- Capability inventory: Extensive Telegram operations including sending/deleting messages and managing chat settings.
- Sanitization: Absent.
Audit Metadata