telegram

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.75). The set mixes official Telegram links (low risk) with a direct curl|bash shell script hosted on an untrusted domain (docs.iyear.me) and a GitHub repo from an unknown user—directly executing remote .sh scripts and installing from low-reputation repos are common malware distribution vectors, so the source should be treated as suspicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests messages from Telegram channels and groups using tdl (e.g., SKILL.md Step 4 "tdl chat export -c @channel_name" and Step 5 presenting/summarizing fetched messages), which are untrusted, user-generated third‑party contents that the agent reads and uses to drive summaries and actionable decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's recommended install command for the required runtime dependency tdl explicitly runs a remote script ("curl -sSL https://docs.iyear.me/tdl/install.sh | sudo bash"), which fetches and executes remote code at runtime and is required for the skill to function.