skills/iii-hq/workers/telegram-bot/Gen Agent Trust Hub

telegram-bot

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user data from Telegram messages and forwards it to the agent, creating a surface for indirect prompt injection.
  • Ingestion points: Telegram updates arrive via telegram-bot::webhook in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are mentioned in the message processing logic.
  • Capability inventory: The skill triggers agent turns via harness::send and manages tool approvals through approval-gate as documented in SKILL.md.
  • Sanitization: There is no evidence of sanitization or filtering applied to incoming user text before prompt interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 03:11 PM
Security Audit — agent-trust-hub — telegram-bot