telegram-notify
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes potentially untrusted task outputs or user-provided messages to generate Telegram notifications, creating an indirect prompt injection surface.
- Ingestion points: Summaries of task completion or alert messages in SKILL.md.
- Boundary markers: Absent for the data passed to the tool.
- Capability inventory: Uses the telegram CLI to transmit information to an external service.
- Sanitization: Instructions mandate aggressive summarization and strict plain-text format, which limits the efficacy of complex injection payloads.
- [COMMAND_EXECUTION]: The skill invokes the telegram CLI through a Bash tool interface for messaging and debugging bot credentials.
- [DATA_EXFILTRATION]: User-specified text and task summaries are sent to Telegram's official servers. This behavior is documented and represents the primary intended use-case of the skill for a well-known service.
Audit Metadata