skills/tdimino/claude-code-minoan/telegram/Snyk

telegram

Warn

Audited by Snyk on May 19, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill ingests untrusted, user-generated Telegram messages (via the Claudicle daemon adapter /telegram_listen.py and by reading ~/.claudicle/daemon/inbox.jsonl) which are processed by the /telegram-respond cognitive pipeline and can drive automated responses, so third-party content could influence agent actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 19, 2026, 04:39 PM

Issues

1

Security Audit — snyk — telegram