Telegram
Security checks across malware telemetry and agentic risk
Overview
This Telegram skill is a disclosed integration guide that uses ClawLink to connect a bot and perform Telegram actions with confirmation for writes.
Install only if you trust ClawLink with the Telegram bot token and are comfortable letting the connected bot read or act in chats where it has access. Review write previews carefully, especially for sending messages, deleting content, changing commands, or creating/revoking invite links.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.