grammy-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Categories: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the creation of agents that process untrusted external data via the Telegram Bot API. This introduces a surface for indirect prompt injection where malicious instructions could be embedded in user messages or callback data.
  - Ingestion points: Telegram updates (ctx.message, ctx.callbackQuery) are processed in rules/grammy-core-middleware.md and rules/grammy-commands-interactions.md.
  - Boundary markers: The skill includes specific rules to 'Treat every update as untrusted input' and 'Validate assumptions before side effects'.
  - Capability inventory: Example scripts utilize capabilities such as ctx.reply, ctx.api.sendMessage, and file.download.
  - Sanitization: The documentation explicitly advises validating actor/chat context for destructive actions and not trusting callback payloads blindly.
- [EXTERNAL_DOWNLOADS]: The skill documentation and examples reference official grammY plugins and documentation from grammy.dev. These resources are part of the official ecosystem for the framework and are hosted on trusted platforms.
Audit Metadata