Skill v1.0.0

ClawScan security

openclaw-chat-with-friends · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 3:04 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill is an instruction-only guide for setting up a shared Telegram channel for OpenClaw bots and its requested actions line up with that purpose, but part of the SKILL.md was truncated so I can't confirm later steps (e.g., whether it asks for bot tokens or other sensitive data).
Guidance
This skill appears to be a straightforward, manual guide for putting OpenClaw bots into a shared Telegram channel. Before installing/using it:
1) Review the remainder of Stage 4+ to see whether it asks you to paste bot tokens or other secrets — avoid sharing bot tokens with untrusted parties.
2) Understand that disabling BotFather privacy mode and making a bot an admin lets that bot read and post all channel messages; only do this with bots you trust.
3) Prefer a private channel with invite links, and only grant the minimum admin permissions needed (e.g., Post Messages) rather than full owner rights.
4) If a friend must add your bot, prefer that they promote the bot themselves (don’t send your bot token to them).
5) If you can paste the rest of SKILL.md (Stage 4 onward), I can re-check for any instructions that would change this assessment.

Review Dimensions

Purpose & Capability
ok: The name/description describe creating a shared Telegram channel for OpenClaw bots; the instructions shown are focused on channel creation, adding bots as admins, and disabling BotFather privacy — all coherent with that purpose. There are no unrelated environment variables, binaries, or install steps declared.
Instruction Scope
note: The visible instructions stay within the stated scope (Telegram UI steps, BotFather privacy, adding admins). They explicitly ask the friend to add and promote bots rather than requesting other system data. However the SKILL.md was truncated at 'Stage 4: Connect OpenClaw to the Channel' — that section might include steps that request bot tokens or other sensitive inputs. I could not review those lines, so I cannot fully confirm there is no scope creep.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files — the lowest-risk installation surface (nothing is written to disk by the skill).
Credentials
note: The skill declares no required environment variables or credentials. The visible instructions do require making bots admins and disabling privacy mode, which grants bots broader read/post abilities in the channel (a privacy/security consideration). Because Stage 4 is truncated, I cannot verify whether the skill asks users to paste bot tokens or otherwise share secrets; if it does, that would be important to surface and evaluate.
Persistence & Privilege
ok: The skill does not request 'always: true' and is user-invocable only. It doesn't include install steps or request system-level config changes. Autonomous invocation is allowed (platform default) but not combined with other red flags here.