agent-telegram

SUSPICIOUS: the core Telegram functionality is plausible, but the skill requires the agent to collect multiple Telegram secrets and feed them into a third-party CLI while explicitly hiding key auth details from the user. The purpose aligns broadly with messaging, yet the concealed auto-provisioning flow and credential forwarding make the skill high-risk.