Back to skill

Security audit

Create Agent + Telegram Bot

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a disclosed multi-agent team setup tool, with some operational and secret-handling caveats users should manage carefully.

Install only if you intend to let this skill create or modify an OpenClaw team workspace. Review generated apply-config.js before applying it, keep a backup of openclaw.json, treat Telegram bot tokens as secrets, and schedule gateway restarts/cron activation when interruption is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs users to place a live Telegram bot token directly into configuration and even shows a realistic token format in examples, but provides no warning that the token is a secret, should not be committed to logs or documentation, and should be stored using a secrets mechanism if available. In this context, the token grants control over the bot integration, so accidental disclosure could let an attacker impersonate the bot, read or send messages through the integration, or disrupt the bound agent workflow.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The skill directs operators to restart the gateway without warning that this may briefly interrupt service or affect other agents using the same gateway. While this is an operational safety issue rather than an exploit primitive, unannounced restarts can cause avoidable downtime and disrupt active automations or user sessions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.