MAC OS screenshot to telegram
Pass
Audited by VirusTotal on May 12, 2026.
Findings (1)
The skill is designed for a legitimate purpose (screenshot to Telegram). However, the `scripts/screenshot-telegram.sh` file is vulnerable to shell injection and path traversal. The user-controlled `PROFILE` parameter is directly concatenated into file paths (`CONFIG_PATH`, `WORKSPACE`) without sanitization, and these paths are then used in shell commands (`grep`, `sed`, `screencapture`, `curl`). This allows an attacker to potentially execute arbitrary commands or access/write files outside the intended directories by crafting a malicious `PROFILE` value.
