telegram-readonly

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly reads user-generated, untrusted content from the user's personal Telegram account (via Telethon/MTProto) using commands like messages, search, and dialogs as described in SKILL.md and implemented in src/telegram_readonly/cli.py, so third‑party message content could indirectly inject instructions that influence agent behavior.