Telegram File Browser
v0.1.1Build or improve Telegram inline-button file browsers and menu-style navigators. Use when creating Telegram chat UIs for browsing directories, paging lists,...
⭐ 0· 160·0 current·0 all-time
by@just-cj
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Telegram inline-button file browser) matches the included scripts: listing directories, building button layouts, validating callbacks, previewing files, and returning send/send-file plans. The default root (~/.openclaw/workspace) and state path are consistent with a local workspace browser. No unrelated environment variables, binaries, or config paths are requested.
Instruction Scope
SKILL.md explicitly instructs the agent to run the included Python scripts via the exec tool and to pass the returned message-tool payloads unchanged to the message tool. The scripts legitimately read the local filesystem (list, preview, and send files) and persist state under the runtime state path. This is in-scope for a file browser, but note the agent will execute project code and read files under the configured workspace; the skill's behavior is not limited to describing UI flows but to actually reading file contents and returning them (or paths) to the messaging tool.
Install Mechanism
There is no install spec (instruction-only skill with bundled scripts). Nothing is downloaded from the network or installed automatically. The scripts live in the skill bundle and are executed via exec; that is the lowest-risk install mechanism in this model.
Credentials
The skill declares no required env vars, credentials, or external service keys. All file and config access is to paths under the user's home/workspace, which is proportional to a local file-browser capability. The code also contains path checks (is_within_root) and validation preventing raw paths in callback_data, which reduces accidental leakage via callbacks.
Persistence & Privilege
always is false and the skill does not request system-wide privileges. It persists state under ~/.openclaw/workspace/.openclaw/telegram-file-browser/state.json and may update that file (expected). One caution: because the skill can read and send files from the workspace (including previews and attachments), an autonomously-invoking agent with permission to call the message tool could exfiltrate workspace files—this is coherent with its purpose but is a potential data-exposure vector you should consider.
Assessment
This skill appears to do exactly what it says: run local Python scripts to present a Telegram-style inline-button file browser rooted in your workspace. Before installing or enabling it for autonomous use, consider: 1) Review the included scripts yourself (they are bundled and readable) to confirm no sensitive paths outside your intended root will be accessed. 2) If you want to limit exposure, change the default root from ~/.openclaw/workspace to a restricted directory or require an explicit root argument. 3) Confirm the agent's message tool behavior and access policy (who can receive sent files). 4) If you do not want the agent to be able to send files automatically, restrict autonomous invocation or require user confirmation before sending attachments. 5) Run the skill in a sandboxed environment if you are concerned about exposing local data. Overall the code contains reasonable path checks and payload validation, and there are no unexplained network endpoints or secret requirements.Like a lobster shell, security has layers — review code before you run it.
latestvk973n6wfka1x9xrfkv80xz34ex82y5bc
License
MIT-0
Free to use, modify, and redistribute. No attribution required.