telegram-contacts
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE (findings: PROMPT_INJECTION, DATA_EXFILTRATION)
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it displays Telegram messages and contact names, which are externally controlled.
  1. Ingestion points: tg_contacts.py processes Telegram message history, contact names, and imported CSV files.
  2. Boundary markers: No delimiters or warnings are specified for the external content.
  3. Capability inventory: The agent can execute a Python script (tg_contacts.py) and write files (CSV/JSON) to the local system.
  4. Sanitization: No sanitization or filtering of external content is documented.
- [DATA_EXFILTRATION]: The skill accesses and exports sensitive personally identifiable information (PII), including phone numbers and message content, to local files. This behavior matches the primary purpose of the skill but involves handling high-privilege user data.
Audit Metadata