configure-telegram

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly asks the user to paste their Telegram bot token and chat ID and then instructs the agent to embed those values verbatim into config files and curl commands (including test requests and example env vars), which requires the LLM to handle and output secret values directly, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes shell curl commands that fetch and parse Telegram API responses (notably in "Step 4: Collect Chat ID" using https://api.telegram.org/bot<YOUR_TOKEN>/getUpdates and the test sendMessage in Step 8), which would ingest untrusted/user-generated messages from the public Telegram API for the agent to read/interpret as part of setup.