Skillv1.0.1

ClawScan security

OpenClaw Telegram ACP Troubleshooter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 19, 2026, 3:40 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's instructions, file references, and suggested commands are coherent with its stated purpose (diagnosing Telegram→OpenClaw delivery problems); it requests no credentials, installs no software, and only instructs reading local OpenClaw logs and service state.
Guidance: This skill appears coherent and safe in that it only advises inspecting local OpenClaw state and Telegram-related logs and does not request credentials or install code. Before using: 1) confirm you trust the agent runtime because the troubleshooting steps involve reading files under ~/.openclaw and /tmp/openclaw and running user-level systemctl commands (these logs can contain sensitive info); 2) if you are uncomfortable letting an automated agent read logs, run the listed commands yourself and share only the relevant redacted excerpts; 3) the skill forbids revealing secrets but that is a guideline in the instructions — treat it as your responsibility to avoid pasting tokens or full config dumps into external outputs; 4) because the skill is instruction-only, it won't install anything, but if you publish or mirror it into a shared workspace, ensure the workspace contains the expected OpenClaw layout so the checks make sense.

Purpose & Capability: okName/description match the runtime instructions: all checks focus on Telegram delivery, gateway health, and OpenClaw session/log inspection. The skill requests no unrelated credentials or binaries and does not attempt to modify unrelated subsystems.
Instruction Scope: okSKILL.md tells the agent to run systemctl --user and to tail/read logs and session files under ~/.openclaw and /tmp/openclaw — these actions are directly relevant to diagnosing message delivery. Note: the instructions read potentially sensitive local logs and session files (expected for troubleshooting), but they do not instruct exfiltration to external endpoints.
Install Mechanism: okInstruction-only skill with no install spec and no code files. Nothing is written to disk or downloaded by the skill itself.
Credentials: okNo environment variables, credentials, or config paths are required. The SKILL.md explicitly instructs not to reveal secret values, and there are no declared env requirements that would be disproportionate to the task.
Persistence & Privilege: okalways is false and the skill does not request persistent system presence or modify other skills. It does require the agent (when invoked) to have permission to read user-level systemd state and user files, which is appropriate for the diagnostic scope.