ClawHub

telegram send files

Security checks across malware telemetry and agentic risk

Overview

This skill behaves like a Telegram file-sending CLI, but users should understand that selected files leave the device and bot credentials may be saved locally.

Install only if you are comfortable with a global CLI that uploads files you name to a configured Telegram chat. Treat the bot token as a secret, restrict access to ~/.tsend/config.json, prefer environment variables if you do not want a saved token, and use --dry-run before sending broad globs or files from sensitive folders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill advertises a file-sending command but does not warn that files and captions are uploaded to Telegram, a third-party service. Users may unknowingly transmit sensitive documents or metadata off-device, increasing the risk of unintended disclosure and privacy violations.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The instructions tell users to store a Telegram bot token and chat ID in a local config file without warning that the token is a sensitive credential and that persistence on disk can expose it to other local users, backups, or accidental disclosure. A leaked bot token can allow unauthorized use of the bot and potential abuse of associated messaging workflows.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The save() method persists the entire configuration dictionary to ~/.tsend/config.json, and this file is likely to contain sensitive values such as the Telegram token and chat ID. There is no warning, consent flow, or file-permission hardening, so users may unknowingly store secrets in plaintext where they can be exposed through local compromise, backups, shared accounts, or overly permissive default filesystem settings.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal