Telegram Media
WarnAudited by ClawScan on May 10, 2026.
Overview
Review before installing: this skill runs shell commands that upload media to Telegram and defaults to a hard-coded Telegram chat using undeclared local API credentials.
Install only if you control the Telegram bot, the ElevenLabs account, and the intended Telegram chat. Before use, set and verify TELEGRAM_CHAT_ID instead of relying on the hard-coded default, and review the local ~/clawd helper scripts because they were not included in the package.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed outside its original environment, media, documents, or voice clips could be sent through a Telegram bot to the hard-coded chat rather than to the user's intended recipient.
The skill uses local service credentials and identifies a fixed Telegram recipient; the registry metadata declares no required env vars or primary credential.
All commands run from `~/clawd` where `load_env.py` loads the `.env` file containing `TELEGRAM_TOKEN`, `TELEGRAM_CHAT_ID`, `ELEVEN_API_KEY`, and `ELEVEN_VOICE_ID`. Boss Man's chat ID: `7887978276`
Remove the hard-coded chat default, require the user to configure and confirm TELEGRAM_CHAT_ID, and declare the Telegram and ElevenLabs credentials in the skill metadata.
The agent may run local Python commands that read files and send them to external APIs when the skill is invoked.
The skill intentionally directs the agent to run shell commands for media generation and upload; this is central to the purpose but is still a sensitive execution path.
**You MUST actually execute every command using your shell/exec tool.**
Use only with trusted file paths and confirm the Telegram recipient before allowing uploads.
The skill may execute local code that was not part of the reviewed package.
The instructions depend on local helper files that are not included in the artifact set, so their behavior and provenance cannot be reviewed here.
sys.path.insert(0, '.') import load_env ... cd ~/clawd && python3 crypto_charts.py
Review the local ~/clawd/load_env.py and ~/clawd/crypto_charts.py files before using this skill, or require the skill package to include reviewed helper code.