Notification System
v1.0.1Manage outbound notifications across WhatsApp, Telegram, email. Handle templates, scheduling, delivery tracking, rate limiting.
⭐ 0· 175·1 current·1 all-time
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
high confidencePurpose & Capability
The description claims full outbound delivery across WhatsApp, Telegram, and Outlook email, with scheduling, tracking, and rate limiting, but the bundle contains only templates, a pending.json queue, and docs. There are no connector implementations, no code to talk to WhatsApp/Telegram/Office365, and no declared credentials; the SKILL expects external tools (a 'message' CLI and an 'outlook' skill) and scripts that are not provided. The required capabilities (API keys, bot tokens, SMTP/O365 access) are missing from the package and not declared.
Instruction Scope
SKILL.md instructs the agent to run commands and scripts (e.g., message send, outlook send, node notification-system/process-queue.js, and PowerShell helpers) and to read/store queue and log files, but the referenced runtime artifacts are absent. The instructions stay within the notification-system directory, which is appropriate, but they rely on unspecified external tools/skills and on files that the package does not contain (see missing files below). This creates scope ambiguity: the agent may try to locate or invoke arbitrary system tools or other skills to fulfill these steps.
Install Mechanism
No install spec and no shipped executable code reduces installation risk — nothing will be automatically downloaded or executed by an installer. This is an instruction-only skill (low write-to-disk risk).
Credentials
The skill declares no required environment variables or credentials, yet to perform its stated function it would need WhatsApp/Telegram bot tokens and Office365 credentials (or other provider keys). The absence of declared primaryEnv or required env vars is disproportionate to the advertised functionality and is an incoherence that should be resolved before use.
Persistence & Privilege
always is false and there is no indication the skill requests persistent elevated privileges or modifies other skills or system settings. It only references local files under notification-system, which is reasonable.
What to consider before installing
This skill reads like documentation and templates for a notification system rather than a ready-to-run integration. Before installing or using it: 1) Do not run any referenced scripts (node notification-system/process-queue.js, quick-notify.ps1, process-queue.ps1, get-stats.ps1) unless you have reviewed their code — those files are referenced but not included. 2) Expect to supply channel credentials (WhatsApp API/broker, Telegram bot token, Office365/API credentials) — the skill does not declare or request them, so plan secure storage (secrets manager) and never paste keys into untrusted prompts. 3) Verify where sending will actually occur: SKILL.md relies on a 'message' CLI and an 'outlook' skill that are external; confirm those tools exist and are trustworthy. 4) Check missing artifacts the docs reference (process-queue.js, PowerShell scripts, queue/scheduled.json, logs/ delivery files, and a config/ folder) — their absence means the skill is incomplete and an agent might attempt to locate or call other system components. 5) If you need this functionality, obtain a version that includes the connector code or a clear, minimal integration guide for securely configuring connectors and credentials. If you cannot verify these points, treat the package as incomplete and avoid enabling it for autonomous use.Like a lobster shell, security has layers — review code before you run it.
latest
Notification System Agent
Centralized outbound notification management for all channels (WhatsApp, Telegram, email).
Architecture
notification-system/
├── SKILL.md # This file
├── templates/ # Message templates by channel & type
│ ├── whatsapp/ # WhatsApp templates
│ ├── telegram/ # Telegram templates
│ └── email/ # Email templates
├── queue/ # Pending notification queue
├── logs/ # Delivery logs
├── rate-limiters.json # Rate limit configuration
└── config/ # Channel configs
Supported Channels
| Channel | Config | Rate Limits |
|---|---|---|
channels.whatsapp | 60 msg/min, 1000/day | |
| Telegram | channels.telegram | 30 msg/sec, 20 msg/min |
| Email (Outlook) | office365-connector | 30 msg/hour, 300/day |
Rate Limiting
Default limits per channel:
- WhatsApp: 1 message/second (safety), burst of 5
- Telegram: 30 messages/second hard limit from API
- Email: 60 emails/hour to prevent spam flags
Rate limit config: notification-system/rate-limiters.json
Template Variables
All templates support:
{{recipient}} - Target name/ID
{{date}} - Current date
{{time}} - Current time
{{subject}} - Message subject
{{body}} - Message body
{{cta_url}} - Call-to-action link
{{sender_name}} - Business/sender name
{{company}} - Company name
Sending a Notification
# Via message tool
message send --channel whatsapp --target "+18184389562" --message "Your appointment is confirmed for {{date}}"
Telegram
# Via message tool
message send --channel telegram --target "655641853" --message "System alert: {{subject}}"
# Via outlook skill
outlook send --to "recipient@email.com" --subject "{{subject}}" --body "{{body}}"
Queue System
Notifications are queued in notification-system/queue/pending.json:
{
"id": "uuid",
"channel": "whatsapp|telegram|email",
"target": "recipient-id",
"template": "template-name",
"variables": {},
"scheduled_at": "ISO8601 or null",
"created_at": "ISO8601",
"priority": "high|normal|low",
"status": "pending|sent|failed|delivered",
"attempts": 0,
"last_error": null
}
Scheduling
Scheduled notifications stored in notification-system/queue/scheduled.json with cron-like scheduling.
Use cron jobs with notification-system/process-queue.js to process scheduled items.
Delivery Tracking
Logs stored in notification-system/logs/delivery-YYYY-MM-DD.json:
{
"id": "notification-uuid",
"timestamp": "ISO8601",
"channel": "whatsapp",
"target": "+1...",
"template": "appointment-confirm",
"status": "delivered|sent|failed",
"latency_ms": 450,
"error": null
}
Template Management
Templates stored in notification-system/templates/{channel}/{type}.md:
templates/
├── whatsapp/
│ ├── appointment-confirm.md
│ ├── appointment-reminder.md
│ ├── payment-received.md
│ ├── status-update.md
│ ├── broadcast-promotion.md
│ └── support-acknowledged.md
├── telegram/
│ ├── system-alert.md
│ ├── status-report.md
│ ├── daily-brief.md
│ └── broadcast.md
└── email/
├── invoice.md
├── welcome.md
└── notification.md
Process Queue
To process pending notifications:
node notification-system/process-queue.js
Status Commands
- List pending:
Get-Content queue/pending.json | ConvertFrom-Json - Check rate limits:
Get-Content rate-limiters.json - View recent logs:
Get-Content logs/delivery-$(Get-Date -Format 'yyyy-MM-dd').json
Best Practices
- Batch wisely: Group similar notifications, respect quiet hours
- Fallback channels: If WhatsApp fails, try Telegram, then email
- Deduplicate: Don't send same notification twice within 24h
- Opt-out handling: Honor STOP/opt-out requests immediately
- Personalize: Use recipient name and relevant variables
- Monitor delivery: Check logs for failures and retry
Priority Handling
high: System alerts, urgent items → Skip rate limit queuenormal: Standard notifications → Normal rate limitinglow: Marketing, non-urgent → Strictest rate limiting
Comments
Loading comments...