list-dialogs
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts using
uv runto interact with the Telegram API. The scripts are located in the user's plugin directory at$HOME/.claude/plugins/marketplaces/cc-skills/plugins/tlg/. - [COMMAND_EXECUTION]: Accesses sensitive Telegram session files stored at
~/.local/share/telethon/to authenticate the user session. This access is necessary for the skill's primary purpose of managing Telegram conversations. - [PROMPT_INJECTION]: The skill facilitates reading external Telegram messages which constitutes an indirect prompt injection surface.
- Ingestion points: Telegram messages and dialog names are read into the agent context via the
readanddialogscommands inSKILL.md. - Boundary markers: No explicit markers or instructions are provided to the agent to ignore instructions embedded in the retrieved Telegram content.
- Capability inventory: The skill has the ability to execute shell commands via
uv runas seen inSKILL.md. - Sanitization: No sanitization or validation of the retrieved Telegram content is performed before processing.
Audit Metadata