Telegram 自动签到 (Telegram Auto Check-in)

Security checks across malware telemetry and agentic risk

Overview

The skill is for Telegram bot check-ins, but it also tells users to keep a logged-in Telegram Web browser session running and auto-restarting in the background.

Review before installing. Use only the on-demand check-in flow unless you deliberately want Telegram Web to reopen at login and after closure. Treat the Chrome profile as sensitive account access, avoid casual profile backups, avoid predictable /tmp screenshots, and verify the browser is in the intended bot chat before allowing the script to send commands or click buttons.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium (95% confidence)
Finding
The skill instructs users to install a persistent launchd watchdog that auto-starts at boot and continuously relaunches a browser session. This materially exceeds the core task of performing a Telegram check-in and creates long-lived background execution and persistence on the host, increasing attack surface and user exposure if the profile or automated browser session is abused.

Missing User Warnings

Medium (91% confidence)
Finding
The skill description promotes persistent cookie storage and reuse of a Telegram session without warning that the Chrome profile contains sensitive authenticated session data. If the profile directory is copied, backed up insecurely, or accessed by another local process, an attacker may hijack the Telegram Web session.

Missing User Warnings

Medium (93% confidence)
Finding
The watchdog setup enables automatic background browser restart at boot but does not clearly warn users that a browser tied to an authenticated Telegram profile may keep running persistently. This reduces user awareness and can leave an authenticated session available longer than intended.

Missing User Warnings

Medium (92% confidence)
Finding
The script saves screenshots of Telegram Web to predictable paths under /tmp, which can expose chat contents, bot responses, usernames, or other sensitive session data to other local users, processes, or later forensic recovery. In this skill context, the risk is elevated because the automation uses a persistent logged-in browser profile for a messaging platform, so screenshots may capture authenticated content and account state.

VirusTotal

66/66 vendors flagged this skill as clean.
