tsticker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly includes commands that fetch and ingest public Telegram sticker packs (e.g., "tsticker download -l <sticker_link>" and "tsticker sync" / "Pull cloud pack → overwrite local files"), meaning the skill reads untrusted, user-generated content from third-party Telegram packs as part of its workflow and that content can change how the tool operates (e.g., metadata, filenames/emoji affecting push/sync behavior).