orchestration, telegram, cron

Before installing or running this skill, consider the following: - Metadata mismatch: The registry declares no required env vars, but SKILL.md requires GROUP_CHAT_ID, PM_FROM_ID and DEV_BOT_TOKEN and asks you to edit ~/.openclaw/openclaw.json. Treat DEV_BOT_TOKEN as a sensitive secret — the package should have declared it. - Trust boundary: This setup lets a trusted PM bot trigger local CLI commands (clawhub install/update, openclaw cron add/run). If PM_FROM_ID or group configuration is wrong or spoofed, an attacker could cause the Dev server to install arbitrary skills or run cron jobs. Only enable this in a private, well-controlled group and verify PM_FROM_ID carefully. - CLI outputs may leak secrets: The scaffold returns CLI stdout/stderr (truncated). Ensure clawhub/openclaw commands do not print secrets in outputs before forwarding replies into chat. - Review installed skills: clawhub install pulls and installs third-party skill code that will run on your server. Consider using an isolated environment or manual review process for newly installed skills. - Filesystem writes: The script writes temporary job JSON into the workspace and suggests editing openclaw config. Back up configs and ensure workspace path permissions are appropriate. - Use the included script only for testing: scripts/dev_executor.py is a scaffold that reads stdin or prints parse results; it does not itself integrate with Telegram APIs (intentionally). Integrate only via controlled wrappers and prefer OpenClaw's own gateway allowlist mechanism rather than running an always-on unreviewed daemon. If you want to proceed: ask the author to update the package metadata to declare the required credentials (mark DEV_BOT_TOKEN as primaryEnv), and consider performing an audit of any ClawHub packages you allow the Dev bot to install. If you want to be safer, run the Dev bot in an isolated VM/container and restrict network/volume access.