1. Critical Telegram Bot Token Exposed in Repository Commit; Full Chat Impersonation Possible
A security audit has uncovered a critical credential leak in a committed analysis file within the repository. A live Telegram bot token and associated chat identifier were found hardcoded in `reports/daily/2026-04-01/evidence/ALPACA_INTEGRITY_ARM_EXECUTION_TRACE.md` at lines 61–62 and 129–130. The exposed token grants ...