telegram-bot-builder
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [CREDENTIALS_SAFE] (SAFE): The code examples correctly demonstrate using
process.envforBOT_TOKENandPAYMENT_TOKEN, encouraging secure handling of API keys rather than hardcoding them. - [EXTERNAL_DOWNLOADS] (LOW): The skill identifies and recommends industry-standard libraries such as
telegraf,grammY,python-telegram-bot, andaiogram. These are presented as informational recommendations for the developer and are not automatically downloaded or executed by the skill itself. - [PROMPT_INJECTION] (SAFE): No instructions were found that attempt to override agent behavior, bypass safety filters, or extract system prompts.
- [COMMAND_EXECUTION] (SAFE): The skill contains no shell commands or subprocess calls that would execute on the host system. All code provided is within formatted blocks intended for the user's bot development.
- [DATA_EXFILTRATION] (SAFE): There are no patterns suggesting unauthorized access to sensitive local files or the transmission of data to unverified external domains.
Audit Metadata