skills/aaaaqwq/claude-code-skills/telegram-contacts/Snyk

telegram-contacts

Warn

Audited by Snyk on May 20, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill explicitly reads Telegram user-generated messages as part of its workflow (SKILL.md: "JSON with last messages" export and "Shows: ... last 5 messages" on lookup), exposing the agent to untrusted third-party content that could influence actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 20, 2026, 02:06 PM

Issues

1

Security Audit — snyk — telegram-contacts