telegram
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides extensive documentation on Telegram Bot development with a strong focus on security best practices.
- [CREDENTIALS_UNSAFE]: The skill explicitly prohibits hardcoding tokens and secrets, recommending the use of environment variables instead (see
SKILL.mdandreferences/webhooks.md). - [DATA_EXFILTRATION]: No patterns of unauthorized data access or exfiltration were found. The code snippets for handling user data include mandatory verification steps.
- [PROMPT_INJECTION]: There are no instructions that attempt to bypass AI safety guidelines or override agent behavior. Terms like 'CRITICAL' and 'IMPORTANT' are used correctly within the context of developer guidance.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piped shell commands or dynamic execution of untrusted scripts, were detected.
- [INDIRECT_PROMPT_INJECTION]: While the skill describes handling untrusted data from Telegram, it provides specific mitigation strategies including:
- Ingestion points:
aiogramhandlers and webhook endpoints receive data from the Telegram Bot API. - Boundary markers: Instructions explicitly require validating the
X-Telegram-Bot-Api-Secret-Tokenand verifying cryptographic hashes for authentication data. - Capability inventory: The skill's patterns are limited to standard bot operations (sending messages, processing payments via official providers) and do not involve dangerous system capabilities like
evalor file system writes. - Sanitization: Implementation guides for
verify_telegram_authandvalidate_mini_app_init_dataensure data integrity usinghmac.compare_digestfor constant-time comparison.
Audit Metadata