telegram

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes literal-looking bot tokens and several examples that embed tokens verbatim (env file with a sample token, TOKEN assigned in code, CLI args like --token, and webhook URLs containing the token), which encourages handling and outputting secrets directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill accepts and processes arbitrary user-generated content from Telegram (via long polling and webhooks — e.g., bot.on('message') in assets/boilerplate/nodejs/src/handlers.ts, MessageHandler in assets/boilerplate/python/bot.py and the webhook endpoint /webhook/{TOKEN} in references/webhook-setup.md and assets/boilerplate/python/webhook_server.py), and that content is read/interpreted (including forwarded to an AI in the "Automacao com IA" flow), so untrusted third‑party input can materially influence actions and tool use.