telegram-send

SUSPICIOUS: the stated purpose and capabilities mostly align for a Telegram bulk-send skill, and visible data flows are to Telegram rather than an unrelated intermediary. However, it grants an AI agent the ability to perform bulk outbound messaging using local session credentials, which is a high-impact real-world action and only partially bounded by dry-run/test flags. No strong malware indicators are visible, but the skill carries meaningful operational and credential-handling risk.