telegram

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests user-generated Telegram content (public channels, DMs, Saved Messages and voice notes) as part of normal workflow—see SKILL.md and the runtime scripts (scripts/tg_fetch_channels.py, scripts/tg_read.py, scripts/tg_fetch_voice.py)—so untrusted third‑party messages are read and returned for downstream processing and could carry instructions that influence agent actions despite sanitization.