telegram-bot
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs network requests to the official Telegram Bot API (api.telegram.org) to facilitate message retrieval and delivery. These operations are essential for the skill's documented purpose.
- [PROMPT_INJECTION]: The skill ingests message content from an external Telegram channel and presents it to the agent, creating a surface for indirect prompt injection where external actors could attempt to override the agent's instructions.
  - Ingestion points: scripts/fetch_dm.py fetches the latest message from a Telegram channel.
  - Boundary markers: None. The fetched message text is provided to the agent without delimiters or instructions to treat it as untrusted content.
  - Capability inventory: The agent can send messages back to the channel via scripts/send_channel.py and has the ability to execute the skill's scripts.
  - Sanitization: The script only removes the bot's handle from the start of the message; it does not perform sanitization, escaping, or filtering of the core message content.
Audit Metadata