Telegram Group Onboard

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is coherent for Telegram group onboarding, but it broadly opens group access and mutates OpenClaw configuration with limited scoping or confirmation.

Install only if you intentionally want this bot to process Telegram group messages broadly. Before running it, confirm the exact server and chat ID, prefer mention-only or allowlist mode unless you need open access, review the config diff/backups, and restrict who can add persistent project knowledge.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

People in the group may be able to trigger the bot on ordinary group messages, which can expose conversation content to the bot and any tools it has.

Why it was flagged

This explicitly expands the Telegram bot's permission boundary so group members can invoke it without mentioning it.

Skill content

`requireMention: false` — bot responds to ALL messages (no @mention needed); `groupPolicy: open` — any group member can trigger the bot

Recommendation

Default to allowlist and requireMention=true unless the user explicitly confirms the group, server, and desired access level.

What this means

A mistaken host, chat ID, or default option could change the wrong gateway configuration and make the bot respond more broadly than intended.

Why it was flagged

The workflow uses raw shell/SSH commands to change bot configuration on a local or remote host, with broad defaults and no explicit approval gate shown.

Skill content

scp scripts/add-telegram-group.sh <server>:/tmp/
ssh <server> "bash /tmp/add-telegram-group.sh <chat_id> false open"

Recommendation

Require an explicit user confirmation, show the exact host/chat ID/config diff, and prefer reversible allowlist-only changes before running remote commands or restarting services.

What this means

Users may enable a broad access mode without fully understanding that group members can cause the bot to process ordinary group messages.

Why it was flagged

The safety claim may understate the risk of enabling open group access, especially when combined with no-mention responses and possible tool use by the bot.

Skill content

**Recommended fix:** Set `channels.telegram.groupPolicy: "open"` at the top level. This is safe when `dmPolicy: "pairing"` is active

Recommendation

Replace the blanket safety statement with a clear warning about who can trigger the bot, what data it will process, and when allowlist/mention-only mode is safer.

What this means

If many group members can add permanent knowledge, inaccurate or malicious entries could affect future bot responses in that group.

Why it was flagged

The skill tells the group that saved knowledge is persistent and automatically loaded on future messages, which can influence later agent behavior.

Skill content

Everything you save as knowledge, I automatically load with every message.

Recommendation

Limit who can add persistent knowledge, review knowledge entries, and avoid storing sensitive or instruction-like content without moderation.

What this means

Users have less metadata to verify the origin and runtime prerequisites before allowing the skill to change gateway configuration.

Why it was flagged

The registry metadata gives limited provenance and does not declare command dependencies, even though the supplied workflow includes a shell helper.

Skill content

Source: unknown; Homepage: none; Required binaries (all must exist): none; No install spec — this is an instruction-only skill.

Recommendation

Review the included script before use, verify required tools such as jq/ssh/scp are present, and prefer skills with clearer provenance and declared requirements.