pyrofork-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill documents patterns for processing external input that could be used for indirect prompt injection attacks.
  - Ingestion points: External data from Telegram updates, such as `message.text` and `query.data`, are ingested in handlers and filters as shown in `references/features-smart-plugins.md` and `references/features-filters-custom-filters.md`.
  - Boundary markers: The provided code examples do not demonstrate the use of delimiters or explicit instructions to ignore embedded commands within the processed message content.
  - Capability inventory: Handlers have access to powerful bot capabilities across various scripts, including `message.reply`, `message.forward`, and `client.invoke` for raw API operations.
  - Sanitization: The examples do not include logic for sanitizing or validating external content before it is processed or echoed back to the user.
- [REMOTE_CODE_EXECUTION]: The skill describes the "Smart Plugins" feature, which uses dynamic loading of Python modules.
  - Dynamic Loading: The `Client` configuration in `references/features-smart-plugins.md` shows auto-discovery and loading of modules from a local `plugins` directory at runtime. While this is a standard feature of the library, it allows execution of any code found in the specified path.
- [EXTERNAL_DOWNLOADS]: The documentation recommends the use of external performance-enhancing packages.
  - Package Recommendations: `references/best-practices-errors-sessions-performance.md` suggests installing `tgcrypto-pyrofork` and `uvloop` to improve throughput. These are recognized as legitimate ecosystem components for this library.
Audit Metadata