Back to skill

Security audit

Telegram Group Finder

Security checks across malware telemetry and agentic risk

Overview

This skill is a simple instruction-only workflow for finding public Telegram links with web search, with no hidden execution, persistence, credential use, or destructive behavior.

Install only if you are comfortable with your agent searching the web for Telegram communities and returning public group or channel links. Treat discovered groups cautiously, especially around payment-related topics, and verify legality, safety, and authenticity before joining or contacting anyone.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category
MCP Tool Poisoning
Confidence
98% confidence
Finding
This is a mismatch because the declared purpose describes a functional Telegram community finder, but the actual code does not implement that behavior at all. It contains only a stub script that prints a static line and has no search, network access, Telegram-related logic, or topic-based discovery functionality.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.