ClawHub

Telegram Instant Messenger

Security checks across malware telemetry and agentic risk

Overview

This appears to be a Telegram messaging skill, but it needs review because it can move messages and files through an external shared bot without clearly scoped activation or privacy notice.

Install only if you are comfortable routing selected messages, files, and chat metadata through Telegram and AgentPMT. Use it only for explicit Telegram tasks, avoid secrets or regulated data, and confirm destinations before sending or importing files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill advertises broad activation phrases such as generic messaging, support, alerts, and feedback tasks, which can cause an agent to invoke this Telegram integration when a user did not specifically intend third-party message transmission. Because the skill enables outbound and inbound communication through a shared bot, accidental activation can lead to unnecessary external data disclosure and unintended user contact.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill clearly supports sending messages, retrieving updates, and ingesting files via a shared @AgentPMT_bot, but it does not present a prominent user-facing privacy warning about transmitting content to Telegram and AgentPMT infrastructure. In a messaging skill, this omission increases the risk that sensitive text, attachments, or support data will be routed to external services without informed consent.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The schema documents actions that send messages and files to an external Telegram chat and can ingest Telegram media into File Manager, but it does not clearly warn users that data leaves the current system boundary and may be stored or redistributed externally. In a messaging skill, this omission can cause inadvertent disclosure of sensitive content, especially because the bot is shared and the feature supports two-way exchange plus file ingestion.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal