Plugin v1.0.0
ClawScan security
Claw Switchboard · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 19, 2026, 10:15 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The plugin's code, runtime instructions, and configuration requirements are coherent with a Telegram switchboard router: it needs a Telegram bot token, performs polling, routes messages to agents or HTTP backends, and stores small local state — nothing requested or installed is disproportionate to that purpose.
- Guidance
- This plugin appears to do what it says: it requires you to configure a Telegram bot token in the channel config and will take over long-polling for that token. Before installing, consider: (1) the plugin will write small state files (telegram-offset.json and chat-target-state.json) under the OpenClaw state directory; (2) it will call Telegram APIs to set bot commands, delete any existing webhook, poll for updates, and send messages; (3) any HTTP targets you configure will receive routed message content — only point those to services you trust; (4) the plugin attempts to import OpenClaw SDK modules from the host runtime using OPENCLAW_PACKAGE_ROOT or process.argv[1], so ensure your OpenClaw runtime installation is the one you trust; (5) there are no extra required env vars or external downloads. If you need stronger isolation, run the switchboard in a workspace with limited agent permissions or review the source files locally before enabling.
Review Dimensions
- Purpose & Capability
- ok: Name/description match the implementation: code implements long-polling, deterministic routing, agent and HTTP targets, and outbound Telegram calls. There are no unrelated environment variables or surprising binaries required.
- Instruction Scope
- note: SKILL.md describes taking over long-polling and routing — the code does that. Additional runtime behaviours not emphasized in the README: the service writes local state files (offset and per-chat target state) in the OpenClaw state directory, synchronizes bot commands via Telegram (setMyCommands / setChatMenuButton), and will delete an existing webhook before polling. These are expected for a long-polling Telegram plugin but worth knowing explicitly.
- Install Mechanism
- ok: No install spec that fetches remote code; package is self-contained source with a normal package.json and setup entry. The plugin locates and imports host OpenClaw SDK modules from the runtime installation (no network downloads).
- Credentials
- note: The plugin requires a Telegram bot token via its channel config (botToken) — appropriate and expected. It does access process.env.OPENCLAW_PACKAGE_ROOT if present to locate the host runtime, and it reads process.argv[1]; these are reasonable for locating host SDK files but are not declared in SKILL.md (they are optional lookup mechanisms). The plugin does not request other secrets or unrelated credentials.
- Persistence & Privilege
- ok: always is false and the plugin is user-invocable. It writes plugin-specific state files in the runtime state directory (offset and chat-target state) and imports modules from the host runtime — standard behaviour for a channel plugin and proportional to its function.
