Telegram Routing

Security checks across malware telemetry and agentic risk

Overview

This is a narrow Telegram routing helper that clearly says it reads and changes OpenClaw routing config, with operational cautions but no evidence of hidden or malicious behavior.

Install this only if you want an agent command that can change OpenClaw Telegram routing. Check the current status before switching models, confirm the intended backend/provider, and remember that changes persist in ~/.openclaw/openclaw.json and a gateway restart may briefly affect message handling.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill explicitly instructs changing `~/.openclaw/openclaw.json`, writing the new configuration, and restarting the gateway service, but it provides no warning, confirmation step, backup guidance, or scope limitation. Because this alters local state and service behavior for message routing, an operator could unintentionally disrupt availability, reroute messages to a different provider, or expose traffic to a backend with different trust, logging, or billing characteristics.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal