ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Telegram Toolkit

v1.0.0

Provides Telegram-based B2B sales tools with bot commands, inline keyboards for quick BANT qualification, large file sharing, and channel-specific sales stra...

0· 10·0 current·0 all-time
by@ipythoning
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md clearly targets Telegram-based B2B SDR flows (commands, inline keyboards, large file strategy). However it repeatedly instructs the agent to create/read CRM records, check CRM country fields, send drafts to an 'owner', and route files between channels — operations that normally require connectors and credentials. The skill declares no required env vars, config paths, or binaries to perform CRM or cross-channel actions, which is inconsistent with its described capabilities.
!
Instruction Scope
Instructions explicitly tell the agent to read and write CRM state (create records, check customer history/country), inspect Telegram profile language, ask for external usernames, and route files to other channels. Those are concrete side-effects beyond mere templating. The SKILL.md does not explain what connectors to use, where credentials come from, or how 'send to owner' approval is implemented — granting the agent broad discretion without clear boundaries.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so there is no disk install risk. The lack of install artifacts is consistent with a templates/how-to skill.
!
Credentials
Despite instructing CRM reads/writes and cross-channel file routing, the skill declares no required environment variables, primary credential, or config paths. That mismatch is concerning: practical use would require access tokens or connectors (CRM API keys, Telegram bot token, owner notification channel) that are not declared or scoped here.
Persistence & Privilege
The skill does not request always-on presence and is user-invocable. It does not instruct modifying other skills or system-wide settings. Autonomous invocation is allowed by platform default, but there is no additional persistence or elevated privilege requested by the skill itself.
What to consider before installing
This skill contains useful Telegram templates and flows, but it expects the agent to read and write CRM data and route files across channels without declaring how that access is provided. Before installing, verify: (1) where CRM/owner/Telegram connectors will come from and that they require least privilege API keys (do not supply broad platform credentials); (2) the skill's provenance — who published it and whether you trust them; (3) how the agent will handle personally identifiable information (usernames, country) and cross-border data sharing; (4) that 'send to owner' and approval flows won't leak customer data to unintended recipients. If you proceed, test in a sandbox with dummy data and ensure audit logging and scoped credentials for CRM and the Telegram bot.

Like a lobster shell, security has layers — review code before you run it.

latestvk9792mwf929hk7xrrpt4wa0gqd843w8g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

telegram-toolkit — Telegram SDR Best Practices & Templates

Bot commands, inline keyboards, large file handling, and channel-specific sales strategies for Telegram-based B2B SDR.

Why Telegram for B2B Sales

AdvantageImpact
No 72h windowProactive outreach anytime — nurture, follow-ups, stalled leads
2GB file limitFull product catalogs, certifications, video demos
Bot commandsStructured self-service (/catalog, /quote, /status)
Inline keyboardsOne-tap BANT qualification, 3-5x faster than free-text
Username-basedLower barrier — customer doesn't expose phone number
Free APINo per-message cost
No account bansBot API is stable, unlike WhatsApp's aggressive anti-automation

Bot Commands

Register these commands with @BotFather using /setcommands:

start - Welcome message and product overview
catalog - Browse product catalog
quote - Request a quotation
status - Check order or quote status
contact - Speak with a human representative
language - Change conversation language

Command Behavior

/start

  1. Detect language from Telegram user profile
  2. Send welcome message with company intro (2-3 sentences max)
  3. Create CRM record: source = telegram_organic, status = new
  4. Offer product categories via inline keyboard
  5. Begin BANT qualification naturally

/catalog

  1. Check CRM for customer's product interest (if returning)
  2. If known interest: Send relevant product section + full catalog link
  3. If unknown: Send inline keyboard with product categories
  4. Always include: specs, MOQ, typical lead time
  5. File format: PDF preferred, under 20MB per file

/quote

  1. Check if BANT data exists in memory
  2. If incomplete: Trigger inline keyboard qualification flow
  3. If complete: Generate quote draft → send to owner for approval
  4. Confirm to customer: "I'm preparing your quotation, will have it ready shortly."

/status

  1. Read CRM for customer's active records
  2. Return: latest status, pending actions, next follow-up date
  3. If quote_sent: "Your quote was sent on [date]. Would you like to discuss it?"
  4. If no records: "I don't have an active order for you yet. Would you like to start one?"

Inline Keyboard Flows

Quick BANT Qualification

Step 1 — Need (Product):

{
  "text": "What products are you interested in?",
  "reply_markup": {
    "inline_keyboard": [
      [{"text": "{{product_1}}", "callback_data": "product_1"}],
      [{"text": "{{product_2}}", "callback_data": "product_2"}],
      [{"text": "{{product_3}}", "callback_data": "product_3"}],
      [{"text": "📋 Full catalog", "callback_data": "full_catalog"}]
    ]
  }
}

Step 2 — Budget (Volume):

{
  "text": "What's your estimated order quantity?",
  "reply_markup": {
    "inline_keyboard": [
      [{"text": "< 100 units", "callback_data": "qty_small"}],
      [{"text": "100-500", "callback_data": "qty_medium"}],
      [{"text": "500-1000", "callback_data": "qty_large"}],
      [{"text": "1000+", "callback_data": "qty_bulk"}]
    ]
  }
}

Step 3 — Timeline:

{
  "text": "When do you need delivery?",
  "reply_markup": {
    "inline_keyboard": [
      [{"text": "This month", "callback_data": "timeline_urgent"}],
      [{"text": "1-3 months", "callback_data": "timeline_soon"}],
      [{"text": "3-6 months", "callback_data": "timeline_planning"}],
      [{"text": "Just exploring", "callback_data": "timeline_exploring"}]
    ]
  }
}

Step 4 — Authority: After 3 keyboard interactions, ask naturally in conversation: "Are you the purchasing decision-maker, or should I prepare materials for your team?" (Don't use a keyboard for this — it feels too transactional.)

Quick Actions Keyboard

Send after qualification is complete:

{
  "text": "How can I help you next?",
  "reply_markup": {
    "inline_keyboard": [
      [{"text": "📋 Get a quote", "callback_data": "action_quote"}],
      [{"text": "📦 Product specs", "callback_data": "action_specs"}],
      [{"text": "🏭 Factory info", "callback_data": "action_factory"}],
      [{"text": "👤 Talk to sales rep", "callback_data": "action_human"}]
    ]
  }
}

Large File Strategy

Telegram's 2GB limit makes it the best channel for heavy files:

Use CaseFileAction
Product catalogPDF, 10-100MBSend directly via Telegram
Certification docs (ISO, CE, etc.)PDF, 1-20MBSend on request
Product video / factory tourMP4, 50MB-2GBSend via Telegram, link on WhatsApp
Test reportsPDF, 1-10MBSend on request
Proforma invoicePDF, < 5MBSend here + email for formal record

Cross-channel file routing: When customer is on WhatsApp and needs a large file:

"The full catalog is 85MB — I'll send it to you on Telegram. What's your Telegram username?"

Telegram-First Markets

In these markets, treat Telegram as the primary channel:

MarketWhy Telegram First
Russia / CIS80%+ business messaging on Telegram
IranTelegram is the dominant platform
Eastern EuropeStrong Telegram adoption for B2B
Central AsiaTelegram preferred over WhatsApp
Tech/crypto industryGlobal preference for Telegram

Detection: Check CRM country field. If Russia/CIS/Iran/Eastern Europe, default to Telegram-first strategy.

Nurture via Telegram

Telegram has no messaging window — ideal for long-term nurture:

Nurture Cadence (Telegram)

TimingContent
Day 0Initial contact + product overview
Day 3Relevant case study or industry insight
Day 7Specific product recommendation based on their interest
Day 14New product announcement or limited offer
Day 30Market update or trade show invitation
Day 60+Quarterly check-in with personalized industry news

Telegram Channel (One-to-Many)

For customers who follow your brand channel:

  • Weekly: Industry news, market trends
  • Bi-weekly: New product announcements
  • Monthly: Case studies, customer success stories
  • Never: Direct sales pitches (keep those in DM)

Security Notes

  • Bot Token stored in secrets.sh, never in config.sh or workspace files
  • dmPolicy: "pairing" requires pairing code — use for exclusive/VIP access
  • dmPolicy: "open" (not available in all OpenClaw versions) — accepts all DMs
  • Admin commands restricted to whitelist (same as WhatsApp)
  • Rate limit: Same anti-abuse measures as WhatsApp (15 msg/5min, 50 msg/1hr)

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…