settings-and-tuning
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute system commands for process management, specifically calling
pkillto terminate the bot andbunto start it. These operations are essential for applying configuration changes but represent a use of system-level controls. - [CREDENTIALS_UNSAFE]: The skill's documentation identifies the specific file path
~/.claude/.secrets/ccterrybot-telegramas the location for bot tokens and secrets. While the skill does not expose the secrets themselves, the disclosure of the storage path provides a target for potential unauthorized access. - [PROMPT_INJECTION]: The skill processes the contents of the
mise.tomlconfiguration file, which creates an attack surface for indirect prompt injection if the file contains malicious instructions. - Ingestion points: The configuration file
~/.claude/automation/claude-telegram-sync/mise.tomlis read into the agent's context during Phase 0. - Boundary markers: The skill does not use explicit delimiters or "ignore instructions" warnings when handling the configuration file content.
- Capability inventory: The agent possesses the
Bashtool for command execution and theEditandWritetools for file modification. - Sanitization: There is no evidence of sanitization or validation of the configuration file content before it is displayed or used to update the environment.
Audit Metadata