Telegram Rich Messages

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Telegram messaging guide whose file-sending examples need care but are disclosed and aligned with its purpose.

Install only if you want your agent to use Telegram rich messaging. Configure the Telegram plugin for the intended bot and chats, treat example chat IDs as placeholders, and require confirmation before sending non-generated files, tokens, credentials, or destructive message actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly instructs agents to send files from the local filesystem or arbitrary URLs without any warning, restriction, or validation guidance. In an agent setting, this can lead to unintended exfiltration of sensitive local files (for example tokens, reports, logs, or user data) or retrieval/sending of untrusted remote content, especially because the skill promotes a low-friction Telegram workflow that may encourage automatic tool use.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal