Skills
skills/terrylica/cc-skills/download-media/Gen Agent Trust Hub

download-media

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script named send.py using the uv tool. This script is intended to facilitate interaction with Telegram services and is located within the plugin's environment paths.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from Telegram chat messages. If a message contains adversarial instructions, the agent might follow them while processing the chat history.
  • Ingestion points: The skill retrieves chat messages using the read command, bringing external content into the agent's context.
  • Boundary markers: No specific delimiters or instructions are used to distinguish between chat content and agent instructions.
  • Capability inventory: The skill uses the Bash tool to run shell commands and the send.py script to perform network and file operations.
  • Sanitization: There is no evidence of sanitization or filtering applied to the messages fetched from Telegram.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 09:52 AM