Critical Telegram Bot Token Exposed in Repository Commit; Full Chat Impersonation Possible

A security audit has uncovered a critical credential leak in a committed analysis file within the repository. A live Telegram bot token and associated chat identifier were found hardcoded in `reports/daily/2026-04-01/evidence/ALPACA_INTEGRITY_ARM_EXECUTION_TRACE.md` at lines 61–62 and 129–130. The exposed token grants anyone with repository read access the ability to impersonate the bot or send unauthorized messages to the linked chat. The exposure traces to commit `e66f2af217d4aee98c794fedc202205d87e855e0`, which addressed ML row densification for intel embedding and symbol encoding.

The audit further identified a high-severity deserialization risk in the machine learning pipeline. Both `src/ml/alpha10_inference.py` and `src/ml/alpaca_shadow_scorer.py` employ `joblib.load()` to deserialize model bundles. Because joblib relies on pickle internally, loading a malicious `.joblib` file is equivalent to arbitrary code execution. Model paths in both files are sourced from environment variables or default to directories under `models/`, expanding the potential attack surface for supply-chain or path-injection vectors.

The exposure raises significant concerns around operational security and supply-chain integrity. Beyond the immediate risk of unauthorized Telegram bot activity, the hardcoded credentials suggest inadequate secrets management practices within the repository workflow. The deserialization vulnerability compounds these concerns by indicating that model handling may not account for adversarial artifact injection. Remediation requires immediate token rotation, removal of the leaked credentials from commit history, and replacement of `joblib.load()` with safer deserialization alternatives. Organizations using similar patterns should audit their own repositories for comparable exposures.