Back to skill

Security audit

Telegram Group Onboard

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent for Telegram group onboarding, but it pushes broad bot access and remote configuration changes without enough confirmation or privacy guardrails.

Install only if you intentionally want a Telegram bot onboarding workflow that can make the bot process all messages in groups. Before using it, confirm the exact server and chat ID, prefer allowlist or requireMention=true unless broad access is truly needed, review the config change and backup, and restrict who can add persistent project knowledge.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill explicitly recommends changing Telegram group access from allowlist to open and using requireMention=false, which materially broadens who can trigger the bot and causes it to process all group messages. In context, this weakens a deliberate access-control boundary and increases exposure of the bot to unauthorized or unintended group interactions, prompt injection, and privacy-sensitive content ingestion.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill directs operators to tail gateway logs and run SSH-based commands without any warning that logs may contain sensitive metadata and that remote shell access can affect production systems. This is dangerous because it normalizes privileged inspection and execution workflows without consent, least-privilege guidance, or validation of target hosts and commands.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs changing the bot to respond to all messages in a group without clearly warning users that this expands monitoring and interaction scope beyond mention-based engagement. In context, that can unexpectedly expose all group content to bot processing and increase the risk of sensitive data capture, abuse, and prompt-injection from any member.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.