Security audit

Telegram Wim Wsl File Delivery

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed playbook for sending user-selected local files through OpenClaw chat channels, with no evidence of hidden persistence, credential theft, or destructive behavior.

Install this only if you want an agent to help send local files to Telegram or another OpenClaw channel. Before each send, verify the exact file path, destination target, and file contents, because the selected file leaves your machine; consider removing any temporary HTML copy from /tmp/openclaw afterward.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 93% confidence
Finding: The skill instructs the agent to use shell execution extensively (`ls`, `file`, `cp`, `chmod`, `mkdir`, `node`, `openclaw`) but does not declare corresponding permissions. This creates a capability mismatch where reviewers or policy systems may underestimate what the skill can do, and if user-controlled file paths or targets are interpolated into shell commands, the shell access increases the blast radius to arbitrary local file access or command injection in downstream use.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal