Skill Auto Attach
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill says it sends documentation files to Telegram, but the included script would watch the whole workspace and automatically upload any changed regular file, not just the promised file types.
Only install this if you are comfortable with workspace files being automatically sent to Telegram. Before enabling it, change the script to allow only intended extensions and folders, add confirmation before sending, verify the Telegram destination, and ensure there is an obvious way to stop the watcher.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Any new or modified workspace file could be posted to Telegram without a separate confirmation, including files the user did not intend to share.
The script automatically invokes the message tool for changed files under the watched workspace. It only checks that the path is a regular file and does not enforce the SKILL.md claim that only .html, .md, and .txt files are handled.
inotifywait -m -e create,modify -r --format '%w%f %e' "$WATCH_DIR" | while read -r file_path event; do ... openclaw message send --target=telegram --message="[FILE] $filename" --media="$temp_file"
Restrict the watcher to explicit user-approved paths and extensions, add per-file confirmation or an allowlist, and avoid sending files automatically by default.
Private or sensitive local files in the workspace may leave the local environment and appear in a Telegram conversation or channel.
Local workspace files are copied and then transmitted to an external Telegram target. The artifacts do not define destination scope, channel identity, exclusions, or review boundaries for what may be sent.
cp -f "$file_path" "$temp_file"; then ... openclaw message send --target=telegram --message="[FILE] $filename" --media="$temp_file"
Clearly define the Telegram destination, require user approval for each upload, and exclude secrets, credentials, non-document files, and private directories.
Once started, the skill can keep sending future file changes without the user actively invoking it each time.
The script is a long-running monitor that continues watching for future file changes until interrupted, and the skill documentation describes silent automatic operation.
log "Auto-attach script started. Watching $WATCH_DIR" ... inotifywait -m -e create,modify -r
Provide explicit start/stop commands, visible status, session-bounded operation, and clear logs or prompts before any external send.
The skill may fail unexpectedly or rely on local commands the user did not realize were needed.
The package provenance is not identified and the metadata does not declare runtime dependencies, even though the script uses external commands. This is not malicious by itself, but it reduces install transparency.
Source: unknown ... No install spec — this is an instruction-only skill. ... Required binaries (all must exist): none
Publish a clear source/homepage, declare required commands such as inotifywait and openclaw, and document how the watcher is started and stopped.
