using-mtcute

Pass

Audited by Gen Agent Trust Hub on Jul 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides bundled JavaScript utility scripts (get-method.js, get-class.js, get-constructor.js) in the scripts/ directory. These are intended to be executed by the agent via Node.js to dynamically inspect the local project structure, node_modules, and TypeScript definitions, providing accurate API context for code generation.
  • [DATA_EXFILTRATION]: The skill facilitates the creation of Telegram clients and bots, which by design connect to Telegram's MTProto servers. This involves reading sensitive session data from the local filesystem and performing network operations to send or receive data from the Telegram API.
  • [EXTERNAL_DOWNLOADS]: Documentation and API reference links point to library-specific domains, including mtcute.dev and ref.mtcute.dev, which are used to fetch guides and hosted documentation index files.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it is designed to process untrusted data from Telegram chat updates.
  • Ingestion points: Data enters the agent's context through Telegram message and media updates processed via TelegramClient or Dispatcher handlers.
  • Boundary markers: The instructions recommend using library-provided tagged templates (e.g., html, md) for output formatting, which helps in separating instructions from data.
  • Capability inventory: The skill includes capabilities to read and write files (sessions, media downloads) and perform network requests to the Telegram API.
  • Sanitization: Relies on the library's built-in entity parsers and formatting helpers to escape special characters.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 14, 2026, 06:21 AM