telegram-bot
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user data from Telegram messages and forwards it to the agent, creating a surface for indirect prompt injection.
- Ingestion points: Telegram updates arrive via
telegram-bot::webhookin SKILL.md. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are mentioned in the message processing logic.
- Capability inventory: The skill triggers agent turns via
harness::sendand manages tool approvals throughapproval-gateas documented in SKILL.md. - Sanitization: There is no evidence of sanitization or filtering applied to incoming user text before prompt interpolation.
Audit Metadata