v1.0.0

Telegram PDF Scraper

Review
ClawScan verdict for this skill. Analyzed May 1, 2026, 8:23 AM.

Analysis

Review recommended: the skill largely matches its Telegram PDF scraping purpose, but it stores a Telegram Web session locally and auto-clicks/downloads Telegram links while overstating its PDF-only safety.

Guidance: Before installing, understand that this skill will automate a logged-in Telegram Web session and keep that session in a local profile folder. Use a contained download directory, verify the channel before running, do not rely on the anti-malware/PDF-only claim, scan downloaded files before opening them, and remove or revoke the Telegram Web session when finished.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
main.py
links = msg.locator("a").all() ... if not safe_filename.lower().endswith('.pdf'): safe_filename += ".pdf" ... link.click(force=True)

The code scans all anchor links in messages, force-clicks them, and renames non-.pdf link text to .pdf rather than verifying the Telegram object type, file extension, MIME type, or user approval for each download.

User impact: A Telegram channel could cause the skill to download files that are not actually PDFs or that the user did not intend to save, even though they may be named with a .pdf extension locally.
Recommendation: Require explicit per-file confirmation or a preview list, verify Telegram document metadata and MIME type before downloading, and avoid force-clicking generic message links.

Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
**Anti-Malware:** This skill is hard-coded to ignore and block dangerous external links ... **Internal Only:** It only interacts with native Telegram "Document" objects ... download only `.pdf` files.

The safety wording is stronger than the implementation supports, because the code uses generic anchors and extension renaming rather than proving files are safe PDFs or native Telegram document objects.

User impact: Users may place too much trust in the downloaded files and skip normal safety checks because the skill advertises anti-malware and PDF-only protections.
Recommendation: Treat downloaded files as untrusted, scan them before opening, and update the skill documentation to accurately describe what is and is not verified.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
requirements.txt
playwright>=1.40.0

Playwright is purpose-aligned for Telegram Web automation, but the dependency is not pinned to an exact reviewed version.

User impact: A future install could resolve to a newer Playwright version than the author tested.
Recommendation: Install dependencies from trusted sources and prefer a pinned, reviewed dependency version or lockfile for reproducible installs.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
main.py
user_data_dir = os.path.abspath("./openclaw_chrome_profile") ... p.chromium.launch_persistent_context(user_data_dir=user_data_dir, headless=False, accept_downloads=True)

The skill creates a persistent browser profile that can hold the user's Telegram Web session, giving the automation delegated access to that Telegram account and retaining session state locally.

User impact: Your Telegram Web login may remain available to this skill's browser profile after the run, so anyone or anything using that profile could potentially access Telegram Web as you.
Recommendation: Use a dedicated Telegram session if possible, log out of Telegram Web after use, delete the openclaw_chrome_profile folder when finished, and revoke the session from Telegram's active sessions if you no longer need it.