telegram-bot-builder

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
Flagged category: PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION] (LOW): Potential for Indirect Prompt Injection.
      ◦ Ingestion points: The bot templates ingest untrusted user input via ctx.message.text (in SKILL.md).
      ◦ Boundary markers: No specific delimiters or instructions are provided to the model to ignore instructions embedded in user messages.
      ◦ Capability inventory: The provided code demonstrates the ability to send messages (ctx.reply), handle payments (ctx.replyWithInvoice), and modify state (activatePremium).
      ◦ Sanitization: The code snippets do not include input sanitization or validation, which is expected for basic educational templates but presents a surface for injection attacks against the resulting bot's logic.
  • [DATA_EXFILTRATION] (SAFE): The skill correctly demonstrates the use of process.env.BOT_TOKEN and process.env.PAYMENT_TOKEN, encouraging the use of environment variables rather than hardcoding sensitive credentials.
  • [REMOTE_CODE_EXECUTION] (SAFE): No patterns for remote script execution, dynamic code evaluation (eval/exec), or unauthorized subprocess spawning were detected.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 12:17 PM