Telegram Alerts

Security checks across malware telemetry and agentic risk

Overview

This documentation-only skill is coherently about sending Telegram trading alerts and shows no hidden code, persistence, or unrelated data access.

Install only if you are comfortable giving the agent access to a Telegram bot token and sending trading or portfolio details to the configured chat. Use a dedicated bot, verify the chat ID, keep the token out of source control and logs, and rotate it if exposed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 82% confidence
Finding: The skill description and usage language are broad enough that an agent could invoke this skill for generic 'send a notification' requests without clear boundaries around allowed message types, recipients, or triggering conditions. In an automation context, ambiguous invocation scope can lead to misrouted messages, unintended disclosure of trading or portfolio data, or use in situations the user did not explicitly authorize.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The setup section instructs users to place TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID in environment configuration but gives no warning that the bot token is a secret that grants message-sending capability. Missing secret-handling guidance increases the risk of token leakage through logs, screenshots, committed .env files, or insecure sharing, which could let an attacker send unauthorized messages or abuse the bot.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal