send-telegram

Fail

Audited by Socket on Mar 6, 2026

1 alert found:

Obfuscated File (HIGH)
SKILL.md

The artifact is a configuration/instruction page for sending messages to a specific Telegram chat via an n8n workflow or webhook. It is not itself malware, but contains several security issues that raise moderate concern: a credential-like token is hardcoded in the documentation, an insecure fallback example disables TLS verification, and exact workflow/chat identifiers are published, enabling straightforward targeted exfiltration. Recommended mitigations: remove or rotate any credential published in docs; delete credentials from public docs and store them in secure secret storage; fix example code to enforce TLS verification; add explicit warnings and consent/approval controls for forwarding user content; consider reducing published identifiers or requiring authenticated access to the webhook and workflow; audit the n8n instance and rotate tokens if they were ever exposed. With these mitigations the risk is reduced and the integration is acceptable for benign use.

Confidence: 98%

Audit Metadata

Analyzed At: Mar 6, 2026, 02:21 PM
Package URL: pkg:socket/skills-sh/aiagentwithdhruv%2Fskills%2Fsend-telegram%2F@30aff1fedcd1702217cb1c7ac4dba732dd696b99