tg-ws-proxy-telegram-socks5

Fail

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs users to clone source code and download binaries from a non-trusted GitHub repository (Flowseal/tg-ws-proxy) and the Arch User Repository (AUR).
      • Evidence: git clone https://github.com/Flowseal/tg-ws-proxy.git in SKILL.md.
      • Evidence: git clone https://aur.archlinux.org/tg-ws-proxy-bin.git in SKILL.md.
  • [REMOTE_CODE_EXECUTION]: Instructions are provided to download and execute pre-compiled binaries and Debian packages from external releases without integrity verification.
      • Evidence: sudo dpkg -i TgWsProxy_linux_amd64.deb and ./TgWsProxy_linux_amd64 in SKILL.md.
  • [COMMAND_EXECUTION]: The skill recommends several high-risk actions, including the use of administrative privileges and the intentional bypass of host security protections.
      • Evidence: Use of sudo for systemd service control and package installation.
      • Evidence: The 'Troubleshooting' section advises users to 'temporarily disable Defender' and 'add to exclusions' for files flagged with the 'Wacatac' Trojan signature.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 26, 2026, 12:42 AM