Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Screenshot Telegram Direct
v1.0.0
Capture website screenshots and send to Telegram via direct API. Works around OpenClaw's broken image delivery (issue
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The script and SKILL.md both implement capturing a website via an external screenshot API and posting to Telegram — this matches the advertised purpose. However the registry metadata lists no required environment variables, while both SKILL.md and screenshot-send.sh require three secrets (TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID, SNAP_API_KEY). That mismatch between declared requirements and actual runtime needs is a material incoherence.
Instruction Scope
Runtime instructions and the script only call the snapshot service (snap.llm.kaveenk.com) and Telegram API (api.telegram.org), and write a temporary file in /tmp which is removed on success. These actions are within the stated purpose. The docs do recommend auto-sourcing a .env from the skill directory into the user's shell profile (~/.bashrc / ~/.zshrc), which broadens scope by making secrets available to every shell session — this is a potentially risky recommendation and should be optional and clearly explained.
Install Mechanism
No install spec; this is an instruction-only skill with a single helper script. Installation is limited to copying .env, making the script executable, and optionally adding a cron entry — nothing is downloaded or written by an automated installer.
Credentials
The skill requires three sensitive environment values (TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID, SNAP_API_KEY) but the registry metadata advertises none. SNAP_API_KEY is sent to an external domain (snap.llm.kaveenk.com) — trust in that service is required because it will receive the URL and any content necessary to produce screenshots. Recommending global auto-sourcing of .env increases the blast radius if those secrets are compromised.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system settings. The only persistent change the docs suggest is editing a shell profile to auto-load the .env, which is a user action (not automatic) but exposes secrets to all shell sessions if applied.
What to consider before installing
Key points before installing:
(1) Metadata inconsistency — the registry says no env vars but the script requires TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID, and SNAP_API_KEY. Treat that as a red flag and verify with the author.
(2) The script sends the SNAP_API_KEY and the target URL to snap.llm.kaveenk.com; confirm you trust that third party (or run your own screenshot service).
(3) Avoid automatically sourcing .env from ~/.bashrc unless you understand the risk of exposing tokens to all shells; prefer sourcing manually per session or using a constrained wrapper.
(4) Keep .env out of version control, rotate tokens after testing, and test with a throwaway bot/chat and a non-sensitive URL.
(5) If you need higher assurance, ask the publisher for a homepage or source repository, or replace the external snap endpoint with a known/trusted service or self-hosted screenshot tool.
Like a lobster shell, security has layers — review code before you run it.
latestvk974fyxvsnkgjkjjnvb1pn0djd84fv2k
Runtime requirements
Bins: curl
