Telegram Media Resolver

v1.0.0

Resolve Telegram <media:image>, <media:document>, <media:video> and other media placeholders into actual files for vision/analysis. Use when a Telegram message contains a media placeholder (e.g. <media:image>) that you cannot see — typically in quoted/replied-to messages or group chat history. Downloads the media via Telegram Bot API and returns a local file path for the image tool or further processing.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The name/description, the runtime script (scripts/fetch_media.py), and the documented workflow align: the tool forwards a message, extracts file_id, downloads from api.telegram.org, and returns a local path. A Telegram bot token and chat/message IDs are legitimately required for this functionality.
Instruction Scope
SKILL.md instructs the agent to read the bot token from ~/.openclaw/openclaw.json using a shell pipeline, which accesses a specific local config path that is not declared anywhere in the skill metadata. The instructions also recommend temporarily forwarding messages (which may be visible) and using a private DM for cleanup; these are operational notes, but they expand the scope to interacting with chat history and potentially visible forwards. The explicit local file read is the primary scope creep.
Install Mechanism
No install spec or remote downloads are present; the skill consists of instructions plus one Python script included in the bundle. This is low-risk from an installation perspective (nothing fetched from arbitrary URLs).
Credentials
The metadata declares no required environment variables or credentials, but both the script and usage require a Telegram Bot API token. SKILL.md suggests reading the token from an OpenClaw config file (~/.openclaw/openclaw.json), which is a sensitive local credential access that the skill metadata does not declare or justify. The skill should explicitly declare the bot token requirement and/or avoid instructing the agent to read an undeclared config file.
Persistence & Privilege
always:false (default) and model invocation is allowed (normal). The skill does not request persistent system-wide privileges or modification of other skills. No evidence it writes persistent credentials or modifies other skills' config.
What to consider before installing
This skill appears to do what it says (download media via the Telegram Bot API), but the documentation instructs the agent to read a local OpenClaw config (~/.openclaw/openclaw.json) to obtain the bot token while the skill metadata declares no required credentials. That mismatch is the main red flag. Before installing or using it:
1) ask the publisher to update the metadata to declare the Telegram bot token as a required credential (or remove the instruction to read the local config);
2) avoid letting the agent automatically read your OpenClaw config; prefer passing the bot token explicitly via a secure input or env var scoped to this skill;
3) review the included script (scripts/fetch_media.py) yourself (it is short and readable and only talks to api.telegram.org) and run it in an isolated environment if you must test;
4) ensure the bot token you provide has minimal permissions (use a dedicated bot) and that the bot is a member of the target chat; and
5) be aware forwarding may briefly appear in chats.
If the publisher cannot justify the undeclared config access, treat the skill with caution or refuse to install it.
