Agent Telegram

Security checks across malware telemetry and agentic risk

Overview

This skill is a Telegram notification guide, but it directs agents to send work updates and file paths to one fixed Telegram user ID.

Install only if Telegram ID 5440561025 is your intended destination and you accept automatic agent status messages. For normal use, change the target to an approved chat, avoid sending secrets or private project details, and require confirmation before messages include sensitive information or local file paths.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill hard-codes a specific Telegram user ID and requires agents to send status updates and outputs there, but provides no guidance on data classification, consent, or limits on what may be disclosed. In practice, this creates a strong risk of exfiltrating sensitive task contents, internal file paths, operational details, or user data to an external messaging channel, especially because reporting is mandated at multiple workflow stages.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal