telegram-cli

Fail

Audited by Snyk on Jun 20, 2026

Risk Level: HIGH
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). In the ask workflow, the script registers a Telethon events.NewMessage handler and prints event.text (and media tags) from messages sent by the chat participant (outsider) into the runtime console/LLM-visible context, i.e., Telegram-authored free text is ingested via cmd_ask()handler()text = event.text or "".

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

  • Secret detected (high risk: 1.00). I found a hardcoded high-entropy credential: the default TELEGRAM_API_HASH is set to "59d1e009d7ecb0c0a7224af3f461bb2e" in the script (API_HASH = os.environ.get("TELEGRAM_API_HASH", "59d1e009d7ecb0c0a7224af3f461bb2e")). This is a random-looking hex string and matches the format/entropy of a real Telethon/Telegram API hash, so it should be treated as a secret.

I am ignoring the following:

  • TELEGRAM_API_ID = 1993898 — low-entropy numeric id (not a secret).
  • Example pairing code "7PTE7AUN" shown in docs — ephemeral/example value used in instructions, not a long-lived credential.
  • Environment variable names and other placeholders shown in the docs.

No private keys or other high-entropy secrets were found.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W008
HIGH

Secret detected in skill content (API keys, tokens, passwords).

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 20, 2026, 06:59 PM
Issues
2
Security Audit — snyk — telegram-cli