OpenClaw Telegram ACP Troubleshooter

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only troubleshooting skill whose log checks and Telegram permission advice fit its stated OpenClaw support purpose.

Safe to install for its intended troubleshooting use. Review only the relevant log and session entries, redact secrets or private messages before sharing, and grant Telegram bot admin permissions only when needed for the group and topic behavior being tested.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Low

Confidence: 78% confidence
Finding: This markdown file includes parallel English and Chinese instructions, but it does not explain whether bilingual output is optional, required, or user-selectable. If organizational policy requires user opt-in before imposing a language or locale, this could be a natural-language policy issue.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal