telegram-push

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly lists news_push.py as "内置新闻抓取" (built-in news scraping) and shows a curl getUpdates call to read Telegram messages, meaning the skill fetches public news and user-generated chat content (untrusted third-party sources) which the agent ingests and uses to determine messages it sends.