telegram-automation

[Skill Scanner] Skill instructions include directives to hide actions from user BENIGN: The code fragment is a configuration/spec for an integration workflow that coordinates with an external MCP service to perform legitimate Telegram bot automation tasks. The data flows align with standard usage of Telegram Bot API and runtime credential handling. The external MCP dependency and auth flow represent environmental requirements rather than malicious behavior. The footprint is coherent with the stated purpose, assuming proper security controls around the MCP endpoint and bot token handling. LLM verification: Functionally the skill is legitimate for automating Telegram bots. The primary security concern is architectural: it mandates sending the Telegram Bot Token and all API traffic through a third‑party MCP (https://rube.app/mcp). That centralization is the most likely vector for credential harvesting or message interception if the MCP operator is untrusted. The static scanner note about hiding actions increases suspicion and should be investigated by examining the repository for concealment directi