download-media

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md requires the agent to run "read -n N" and "download " to browse and retrieve Telegram messages, exposing it to user-generated/untrusted Telegram content that can influence which files are fetched and subsequent actions, enabling indirect prompt injection.