create-group
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONNO_CODEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a Bash block to invoke
uv runfor executing a Python script (send.py). This involves running shell commands that utilize environment variables such asCLAUDE_PLUGIN_ROOTto locate the script. - [NO_CODE]: The core functional logic for interacting with the Telegram API is contained in
scripts/send.py. This external file is referenced but not provided for analysis, preventing a full audit of its internal security behavior. - [PROMPT_INJECTION]: The skill interpolates untrusted user data—specifically the
titleandaboutdescription parameters—directly into a Bash command block. Ingestion points: Untrusted data enters the agent context through the parameters in the bash usage example. Boundary markers: No delimiters or 'ignore' instructions are present to distinguish user data from the command structure. Capability inventory: The skill allows arbitrary command execution via the Bash tool to launch the script. Sanitization: No escaping or validation is specified for the interpolated strings, creating a surface for indirect prompt injection or command injection if user inputs contain shell metacharacters like backticks or dollar signs.
Audit Metadata