telegram-cli

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The URL points to an unknown GitHub repository being installed directly via a git+ pip-style URL (unvetted source) which can execute arbitrary code on install and is therefore suspicious unless you verify the author's reputation and review the code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to call the tele CLI to list dialogs and fetch messages from Telegram (e.g., tele -f json dialog list and tele -f json message list <dialog_id>), which ingests untrusted, user-generated third-party content that could carry indirect prompt injection.