telegram

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.85). The set includes a direct install script (https://docs.iyear.me/tdl/install.sh) served from an unvetted domain and an unknown GitHub repo (iyear/tdl) — both are high-risk distribution vectors (curl|bash style installs and small/unknown repos can silently deliver malware), while desktop.telegram.org and t.me are legitimate but do not mitigate the risk from the unknown installer sources.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests messages from Telegram channels and groups using tdl (e.g., SKILL.md Step 4 "tdl chat export -c @channel_name" and Step 5 presenting/summarizing fetched messages), which are untrusted, user-generated third‑party contents that the agent reads and uses to drive summaries and actionable decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's recommended install command for the required runtime dependency tdl explicitly runs a remote script ("curl -sSL https://docs.iyear.me/tdl/install.sh | sudo bash"), which fetches and executes remote code at runtime and is required for the skill to function.