Telegram CTA Button

Security checks across malware telemetry and agentic risk

Overview

This appears to be a prompt-only Telegram helper for suggesting reply buttons, with minor scoping and callback-naming concerns but no evidence of hidden execution, data theft, or persistence.

This skill looks reasonable to install if you want Telegram replies to include suggested action buttons. Review whether you are comfortable with it offering buttons proactively, and prefer stricter callback routing or namespaced callback IDs if you operate the Telegram bot backend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 93% confidence

Finding: The skill instructs the agent to 'always consider' adding CTA buttons when replying on Telegram, which is broad enough to trigger in many routine conversations without a clearly bounded scope. This can cause unintended invocation of UI actions, increasing the chance of confusing users, steering them into actions they did not request, or exposing contextual suggestions at inappropriate times.

Vague Triggers

Medium, 90% confidence

Finding: The preset includes a very broad natural-language callback value, "Help me research a topic", which can overlap with ordinary user requests or internal routing phrases in a Telegram bot. If the system matches or dispatches on callback text too loosely, clicking this button may trigger unintended workflows or collide with other handlers, causing confused-deputy behavior or unauthorized action selection.

VirusTotal

64/64 vendors flagged this skill as clean.
