Skill v1.0.0

ClawScan security

Create Agent + Telegram Bot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 13, 2026, 4:17 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
Instructions are coherent with the stated purpose (creating an OpenClaw/OpenAgent agent and binding a Telegram bot); the skill is instruction-only and asks you to run the OpenClaw CLI commands that are appropriate for that task.
Guidance
This skill is instruction-only and does what it says: it tells you how to add a Telegram bot token to OpenClaw config, create an agent, bind the bot, and restart the gateway. Before running the commands:
1) ensure the openclaw CLI is installed and reachable (metadata did not declare this dependency);
2) consider using a non-root workspace path if you don't want to write into /root/.openclaw (the example uses /root);
3) back up your OpenClaw config before changing it because the commands will store the bot token and may overwrite settings;
4) be aware that restarting the gateway will affect service availability and requires appropriate privileges;
5) if you prefer not to run these commands automatically, perform them manually so you can verify each step and the token you supply.

Review Dimensions

Purpose & Capability
note
The SKILL.md clearly describes creating an OpenClaw/OpenAgent agent and binding a Telegram bot using the openclaw CLI. That purpose justifies setting a bot token in config, adding an agent, binding it, and restarting the gateway. However, the registry metadata lists no required binaries even though the instructions require the openclaw CLI; this metadata omission is inconsistent and should be fixed.
Instruction Scope
ok
The instructions are specific and limited to the stated task: obtain a BotFather token, write it to openclaw config, add an agent, bind the Telegram account, and restart the gateway. They do not instruct reading unrelated files or exfiltrating data. Note: the instructions write credentials (bot token) into OpenClaw config and restart the gateway; both are expected for this operation but are impactful actions.
Install Mechanism
ok
There is no install spec (instruction-only), so nothing will be downloaded or written by the skill itself. This is lower risk. The skill assumes the openclaw CLI is present on the host.
Credentials
ok
No environment variables or external credentials are requested by the registry metadata. The use of a Telegram bot token is appropriate and is provided explicitly in the commands (not implicitly requested via environment vars). Ensure you trust the destination config path where you store the token.
Persistence & Privilege
note
always is false and the skill doesn't request persistent/dormant privileges in metadata. However, the commands modify OpenClaw configuration and restart the gateway, operations that typically require elevated privileges and will affect the running service. That system-level impact is expected for the stated task but should be considered before running.