Telegram Shop Bot Developer
Security checks across malware telemetry and agentic risk
Overview
This is a non-executable service listing for Telegram shop bot development, with no hidden local access or credential collection in the installed artifact.
Install risk is low because this skill contains no runnable code. Treat it as a paid external service listing: verify the seller and scope before paying, and do not share Telegram bot tokens, payment API keys, admin credentials, or customer/order data until you trust the arrangement.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.