Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Telegram Direct Send
v1.0.0
Send images to Telegram via direct Bot API using curl. Works around OpenClaw's broken image delivery pipeline (issue
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Skill name and description match the instructions (it uses curl to call Telegram Bot API). However the registry metadata lists no required environment variables while the SKILL.md repeatedly instructs users to provide TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID — an incoherence between declared requirements and actual runtime needs.
Instruction Scope
SKILL.md is instruction-only and stays on-task: it shows curl commands to call Telegram endpoints and how to obtain bot token/chat id. It tells the agent/user to source a .env file and offers a wrapper script that sources the .env from the skill directory; these instructions grant the skill access to user-provided secrets and local filesystem paths but are consistent with the stated purpose.
Install Mechanism
No install spec and no code files — instruction-only. Required binary is curl which is appropriate and reasonable for the stated purpose.
Credentials
The runtime clearly needs TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID, but the registry metadata lists no required env vars. Requiring a bot token (a secret that allows sending messages/files to Telegram) is proportionate to the feature, but the missing declaration is a metadata inconsistency. Also, storing/sourcing the token from ~/.bashrc or an auto-loaded .env introduces persistence of secrets and increases risk if the file or skill directory is writable by others.
Persistence & Privilege
Skill is not forced always-on and does not request elevated privileges. However SKILL.md recommends adding an auto-source line to shell startup to load the .env from the skill workspace, which would persist credentials into interactive shells — an optional convenience that raises persistence and exfiltration risk if misused.
What to consider before installing
This skill appears to do what it says (use curl to call Telegram Bot API), but the package metadata does not declare the environment variables the instructions require. Before installing: (1) treat TELEGRAM_BOT_TOKEN as a secret — prefer creating a dedicated bot with minimal scope and use a throwaway chat for testing; (2) do not blindly add auto-source lines to your ~/.bashrc unless you understand the security implications (sourcing a .env from a writable skill folder can be abused); (3) verify the skill's source/author (no homepage or repo is provided here); (4) if you proceed, keep the bot token out of version control, and revoke the token immediately if you suspect misuse. The metadata mismatch is the main red flag — ask the publisher to update the registry to declare required env variables (TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID) so the permission model is transparent.
Like a lobster shell, security has layers — review code before you run it.
latest vk974vg3rjp4s8mp8ar1qvfdfy584e0rh
Runtime requirements
Bins: curl
