telegram-mini-app

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly reads and uses Telegram's unverified initData (e.g., const user = tg.initDataUnsafe.user and tg?.initDataUnsafe?.user in the examples) — user-provided/untrusted data that the app displays and processes, which could enable indirect prompt injection.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly targets crypto payments and blockchain integrations: it lists "payments", "TON blockchain", "TON Connect", and "Crypto payments" as core expertise. TON Connect is a wallet/transaction integration used to sign and submit blockchain transactions, and the skill is specifically designed to monetize apps via crypto. This is not a generic tool mention — it references concrete blockchain/payment capabilities and therefore enables direct financial execution.