add-telegram-swarm
Warn
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: Modifies core application source code files, including 'src/telegram.ts', 'src/config.ts', and 'src/ipc.ts', to integrate new functionality directly into the host logic.
- [COMMAND_EXECUTION]: Alters system-level persistence by modifying the '~/Library/LaunchAgents/com.bastionclaw.plist' file and using 'launchctl' to reload the service.
- [COMMAND_EXECUTION]: Performs broad file system operations and rebuilds the application environment using shell commands like 'npm run build' and './container/build.sh'.
- [COMMAND_EXECUTION]: Uses 'sqlite3' to query a local database ('store/messages.db') and uses the resulting data to drive file system actions such as creating directories and copying scripts.
- [CREDENTIALS_UNSAFE]: Instructs the agent to request the user's Gemini API key and append it to the local '.env' file during the setup phase.
Audit Metadata