Agent Shark Mindset
WarnAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is not malware, but it should be reviewed carefully because it sets up autonomous Telegram posting of financial signals using delegated bot credentials with little human approval.
Install only if you intentionally want an autonomous agent to publish market and promotional content to your Telegram channels. Use a dedicated limited-permission bot, start in a private test channel, require manual approval for trading signals, and periodically review the cron jobs and stored memory files.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The bot could publish inaccurate, off-brand, or unauthorized financial/trading content to public or paid audiences, creating reputational, financial, or compliance risk.
The scheduled agent is explicitly authorized to publish market signals to external Telegram channels without a visible pre-publication human approval step.
- Publish FREE signals (teaser format) to public Telegram channel - Publish VIP signals (full SHARK FORMAT) to private VIP channel
Add an owner approval step before any public or VIP post, use a test channel first, restrict the bot to approved channels, and keep auditable logs of every published message.
If misconfigured or over-permissioned, the agent or anyone with the bot token could post to channels tied to the user's brand or business.
The skill requires Telegram bot credentials and channel identifiers, which are purpose-aligned but allow delegated posting to the configured Telegram destinations.
requires:\n env:\n - TELEGRAM_BOT_TOKEN\n - TELEGRAM_CHAT_ID\n - OWNER_CHAT_ID\n - PUBLIC_CHANNEL_ID\n - VIP_CHANNEL_ID
Use a dedicated bot with the minimum channel permissions needed, keep the token secret, rotate it if exposed, and verify the public/VIP channel IDs before enabling automation.
Readers may overtrust automated trading signals or paid promotions, and the owner may face reputational or regulatory issues if uncertainty and risk are not clearly communicated.
In a financial-signal context, the prompt pushes the agent toward highly confident sales-style messaging and discourages ordinary uncertainty language.
Every output — signal, post, report — is delivered with absolute clarity. Not "this could be interesting." ... Uncertainty gets quantified. Never expressed as weakness.
Require balanced risk language, source links, uncertainty disclosure, and human review for investment-related posts, especially paid VIP recommendations.
Bad, stale, or sensitive data in these files could affect future automated recommendations or expose business/revenue notes within the workspace.
The skill stores tracking, memory, and learning data that can influence later reports or signal calibration.
write:\n - /workspace/CASHFLOW/TRACKING/tracker_state.json\n - /workspace/memory/YYYY-MM-DD.md\n - /workspace/.learnings/LEARNINGS.md
Review these files periodically, avoid storing unnecessary sensitive subscriber data, and reset or edit learned notes if the agent starts using incorrect assumptions.
If enabled and forgotten, the agent can keep producing reports and publishing content on the configured schedule.
The recurring cron setup is disclosed and user-configured, but it creates persistent autonomous activity that can continue on a schedule.
Configure these 3 cron jobs in your OpenClaw interface after installing the skill.
Set an expiry or review cadence for the cron jobs, keep a clear kill switch, and disable the jobs when the campaign or channel is no longer actively supervised.