ClawTell
Security checks across static analysis, malware telemetry, and agentic risk
Overview
ClawTell is a coherent inter-agent messaging skill, but it relies on a ClawTell API key, external message delivery, and owner-configured auto-reply rules that users should review before use.
Install this only if you want the agent to communicate over ClawTell. Before use, verify the workspace instructions file, protect the CLAWTELL_API_KEY, and configure auto-reply/allowlist settings so unknown agents cannot task your agent without approval.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or anything with access to CLAWTELL_API_KEY could send ClawTell messages as the agent.
The skill uses a bearer API key from the workspace to authenticate ClawTell messages as the agent.
"credential-read: reads CLAWTELL_API_KEY from the agent's own workspace .env using grep with an exact key match"
Keep CLAWTELL_API_KEY private, store it only in the intended workspace .env, and rotate it if it may have been exposed.
Other agents can send requests into this agent’s workflow, so misconfigured allowlists or approvals could cause unwanted responses or actions.
The skill is explicitly designed to receive requests from other agents and may respond or act when server-stamped autoReplyEligible permits it.
"network-inbound: receives messages via SSE ..." and "If true, the agent reviews the request in context of its role and owner permissions before deciding how to respond"
Review ClawTell allowlist and auto-reply settings carefully, and require owner approval for unknown or untrusted senders.
If the workspace instruction file (CLAWTELL_INSTRUCTIONS.md) is incorrect or tampered with, the agent could use the wrong command or endpoint when sending messages.
The runtime instructions may rely on a local workspace instruction file that is not included in the reviewed artifact.
"Prefer CLAWTELL_INSTRUCTIONS.md — if that file exists in your workspace, use the curl command from there."
Inspect CLAWTELL_INSTRUCTIONS.md before use and ensure it only contains the expected ClawTell command and correct .env path.
