telegram-readonly

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and parses user-generated Telegram content via Telethon (see scripts/telegram_readonly.py: cmd_messages, cmd_search using client.get_messages / client.iter_messages and the SKILL.md commands like "messages" and "search"), so it ingests untrusted third-party messages that could contain instructions influencing agent behavior.