Skills
skills/vood/claude-code-skills/telegram-checker/Gen Agent Trust Hub

telegram-checker

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • Indirect Prompt Injection (LOW): The skill ingests untrusted data from Telegram that could contain malicious instructions for the agent.
  • Ingestion points: The script scripts/check_messages.py fetches text from Telegram messages via the dialog.message.text property and prints it to stdout.
  • Boundary markers: Absent. There are no delimiters or warnings used to separate the external message content from the agent's instructions.
  • Capability inventory: The skill allows the agent to execute Python scripts via the Bash tool.
  • Sanitization: Absent. The message content is displayed as-is, which could allow an attacker to send a message that the agent interprets as a command.
  • Data Exposure (LOW): The skill handles sensitive authentication data.
  • It accesses TELEGRAM_API_ID and TELEGRAM_API_HASH from environment variables.
  • It creates and reads a session file at ~/.telegram_checker_session which contains authentication tokens. While necessary for the skill's purpose, this is a sensitive data path.
  • External Dependencies (LOW): The script requires the telethon Python package. While this is a reputable library, it is an external dependency that must be installed from a public registry.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:43 PM