telegram-cli
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The skill instructs the user to install a tool directly from an unverified GitHub repository (https://github.com/AFutureD/tele-cli) using uv tool install. This source is not part of the trusted organization or repository list.
- REMOTE_CODE_EXECUTION (HIGH): By downloading and installing an external executable from an untrusted source, the skill facilitates potential remote code execution on the host machine.
- CREDENTIALS_UNSAFE (HIGH): The skill manages sensitive Telegram credentials, including phone numbers, verification codes, and 2FA passwords. It also creates and manages session files in a predictable local directory (~/.config/tele/sessions/), which are high-value targets for exfiltration.
- COMMAND_EXECUTION (MEDIUM): The skill relies on executing various tele subcommands to perform actions, which could be exploited if inputs (like message content or IDs) are not properly sanitized by the underlying tool.
- PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface as it reads data (Telegram messages) from an external source and provides capabilities to send messages based on that data without explicit sanitization or boundary markers.
Recommendations
- AI detected serious security threats
Audit Metadata