configure-telegram
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill performs shell operations using 'curl' and 'jq' to manage configuration and test connectivity. Evidence: Bash scripts in 'SKILL.md' steps 1, 4, 7, and 8.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests user input that is directly interpolated into shell commands, creating a potential injection surface.
- Ingestion points: Bot token and chat ID collected via 'AskUserQuestion'.
- Boundary markers: None present in the shell command snippets.
- Capability inventory: Network access via 'curl', JSON parsing via 'jq', and file write access to '~/.claude/'.
- Sanitization: While the instructions prompt the agent to validate input, the provided bash code does not contain internal sanitization, making it dependent on the LLM's adherence to validation rules.
Audit Metadata