Skills
skills/automindtechnologie-jpg/ultimate-skill.md/telegram-mini-app/Gen Agent Trust Hub

telegram-mini-app

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • [PROMPT_INJECTION] (SAFE): No patterns of instruction overrides, bypass markers, or role-play jailbreaks were detected.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references the standard Telegram Web App script (https://telegram.org/js/telegram-web-app.js) within HTML templates. This is an expected and necessary resource for the described functionality.
  • [DATA_EXFILTRATION] (SAFE): No sensitive file paths are accessed, and no unauthorized network exfiltration patterns were found.
  • [COMMAND_EXECUTION] (SAFE): The skill provides code snippets for developer use but does not execute arbitrary commands on the host environment.
  • [INDIRECT_PROMPT_INJECTION] (LOW): While the skill processes user-controlled Telegram data (initData), it explicitly identifies this as a high-severity risk in the 'Sharp Edges' section and instructs the user to validate it on the server side, demonstrating safe instructional design.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 01:12 PM