Telegram Post

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a Telegram posting helper, but it exposes a reusable bot credential and documents broad group access that users should review carefully.

Install only if you control the Telegram bot and target groups. Treat the embedded bot token as compromised, rotate it, remove it from the skill, store credentials in a secret mechanism, limit bot permissions, enable Privacy Mode unless full-message access is truly required, and confirm the target group, message, and media before posting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 99%
Finding
The skill embeds direct Telegram Bot API calls containing a live bot token, expanding scope beyond the stated OpenClaw CLI usage and exposing credentials to anyone who can read the file. A leaked bot token can let an attacker query bot metadata, send messages, and potentially abuse the bot's privileges in configured groups.

Missing User Warnings

High
Confidence: 99%
Finding
This section demonstrates outbound network requests to Telegram while directly exposing bot credentials, with no warning that the token is sensitive authentication material. Anyone reusing or copying the example gains the bot's API credential and can transmit content as the bot.

Missing User Warnings

High
Confidence: 96%
Finding
The skill explicitly states Privacy Mode is disabled and that the bot can read all group messages, but presents this as a feature without warning users about surveillance and data-handling implications. In a group context, this creates risk of broad collection of participant messages and unintended exposure of personal or sensitive information.

VirusTotal

64/64 vendors flagged this skill as clean.
