telegram-reply
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration detected. The skill's primary purpose is to facilitate user interaction via Telegram.- [PROMPT_INJECTION]: The skill includes a specific safety instruction to prevent the agent from echoing environment variables or secrets, which acts as a defense against certain prompt injection attacks.- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection, as it processes untrusted messages from external Telegram users.
- Ingestion points: Messages and media attachments arriving from Telegram as described in SKILL.md.
- Boundary markers: No explicit delimiters or 'ignore embedded instructions' markers are defined for incoming message content.
- Capability inventory: The skill can read/write local workspace files and send files externally using the
telclaudeCLI commands. - Sanitization: No explicit sanitization or content validation for the Telegram input is defined in the instructions.
Audit Metadata