The skill is mostly transparent about its powerful features, but it needs Review because pushed web content can run scripts inside the same Telegram Mini App that exposes server shell and control features.
Install only on an isolated machine or container you are willing to expose to trusted Telegram users. Keep ALLOWED_USER_IDS very narrow, use strong BOT_TOKEN/JWT_SECRET/PUSH_TOKEN values, do not run the server as root, prefer markdown/text over untrusted HTML, and avoid running the direct Control UI tunnel unless it is protected by separate strong authentication.