Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Telegram Contract Ops

v1.0.1

Automate Vietnamese contract creation and eID intake via Telegram by parsing inputs, OCRing ID images, generating .docx contracts, and routing workflows by g...

by Vĩnh Tâm (@vt-mmm)

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for vt-mmm/telegram-contract-ops.

Install the skill "Telegram Contract Ops" (vt-mmm/telegram-contract-ops) from ClawHub.
Skill page: https://clawhub.ai/vt-mmm/telegram-contract-ops
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install telegram-contract-ops

ClawHub CLI

npx clawhub@latest install telegram-contract-ops

Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The scripts implement exactly what the description promises (Telegram bot flows, OCR via Apple Vision, parsing eID fields, mapping to a docx generator). That functionality legitimately needs access to Telegram and local runtimes. However the manifest/registry metadata declares no required env vars or binaries even though the code depends on them, which is an incoherence to flag.
Instruction Scope
The SKILL.md describes only the bot, Plan B/Plan C flows, and deployment steps; it instructs the operator to keep tokens and group IDs out of the packaged skill. The runtime instructions and references are scoped to the stated task and do not ask the agent to read unrelated system secrets. (They do, however, instruct operators to create local .env files with sensitive tokens — which is expected for a Telegram bot.)
Install Mechanism
No install spec (instruction-only from registry) is lower risk, and the skill's files are bundled as scripts rather than fetching remote code. That's reasonable. But the code executes local subprocesses (python3, node, swift) without declaring those runtime binaries in the registry, creating a platform/config mismatch that should be fixed.
Credentials
The package metadata lists no required environment variables, yet the bot and scripts clearly require TELEGRAM_BOT_TOKEN, TELEGRAM_CONTRACT_CHAT_ID / TELEGRAM_MANAGEMENT_CHAT_ID, PLAN_B_TEMPLATE_DOCX, PLAN_B_OUTPUT_DIR and rely on runtime PATH entries for node/python3/swift. This omission is a meaningful incoherence: required secrets are used at runtime but not declared, preventing an accurate vetting of the skill's claimed needs.
Persistence & Privilege
The skill stores state and artifacts under the installation working directory (.state/, plan-b/output, temp OCR JSON files). It does not request elevated system privileges or force installation (always:false). The persistent artifacts can contain sensitive PII (ID images, OCR text, mapped JSON), so operators should set restrictive file permissions on those directories and define rotation/cleanup policies for them.
What to consider before installing
This skill appears to do what it says (Telegram bot + OCR + docx generation), but there are important inconsistencies to resolve before installing:

  • The package metadata lists no required env vars or binaries, yet the code requires TELEGRAM_BOT_TOKEN, TELEGRAM_CONTRACT_CHAT_ID, TELEGRAM_MANAGEMENT_CHAT_ID, PLAN_B_OUTPUT_DIR, PLAN_B_TEMPLATE_DOCX and depends on node, python3, and (for OCR) swift/Apple Vision. Treat those as required secrets/runtimes.
  • Review all scripts locally before running. Pay attention to: execFileSync/child_process calls (the code runs python and swift), file write paths (.state/, plan-b/output, temp .ocr.json), and the Telegram usage (it calls the Telegram API directly). These are expected, but verify paths and token usage.
  • Fix or override hard-coded defaults before deployment: the Python generator contains defaults pointing at /Users/vtammm/.openclaw/workspace, which look like developer-specific paths. Change these to appropriate, isolated directories so files aren't written into unexpected home directories.
  • Limit bot token scope and group membership. Use a dedicated Telegram bot token with minimal privileges, add the bot only to intended groups, rotate the token after setup, and store tokens in a local, access-controlled .env file (not checked into source control).
  • Protect PII and artifacts. OCR outputs, ID images, and mapped JSON contain sensitive personal data; run the skill on a machine with disk encryption, set restrictive file permissions on output/state directories, and implement a cleanup/retention policy.
  • If you need Plan C OCR on non-macOS, the repository warns that the Swift/Apple Vision OCR is macOS-only. Replace or audit any alternate OCR engine before enabling it.
If you trust the author and will run the skill in a controlled environment after making the above changes (declare required env vars and runtime binaries in your deployment policy, correct default paths, and secure tokens/artifacts), the code itself is consistent with its stated purpose. If you cannot validate or edit the code and environment, avoid installing it on production systems.
Patterns worth reviewing

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

  • scripts/plan-b-telegram-to-docx.js:154 - Shell command execution detected (child_process).
  • scripts/telegram-planb-bot.js:75 - Shell command execution detected (child_process).
  • scripts/telegram-planb-bot.js:7 - Environment variable access combined with network send.
  • scripts/telegram-planb-bot.js:22 - File read combined with network send (possible exfiltration).
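The pre-install checklist and the flagged patterns above can be turned into a repeatable check. The following is an added example, not code from the skill or from ClawHub: it scans a set of skill script sources for env var reads, child_process execution, a file read sitting next to a network send, and hard-coded home-directory paths, then diffs the env vars it finds against what the registry manifest declares. The sample sources and the manifest shape (`{ env: [...] }`) are constructed for the example.

```javascript
// Added pre-install audit helper, not part of the skill. The manifest shape
// { env: [...] } and the sample sources below are assumptions for this example.
const ENV_RE = /process\.env\.([A-Z_][A-Z0-9_]*)|os\.environ(?:\.get\(|\[)\s*["']([A-Z_][A-Z0-9_]*)["']/g;
const EXEC_RE = /require\(["']child_process["']\)|\bsubprocess\.(run|Popen|call)\b/;
const FS_READ_RE = /\bfs\.(readFileSync|readFile|createReadStream)\b|\bopen\([^)]*["']rb?["']/;
const NET_RE = /\bfetch\(|\bhttps?\.request\(|api\.telegram\.org|\brequests\.(post|get)\(/;
const HOME_RE = /["'`](\/Users\/[^"'`\s]+|\/home\/[^"'`\s]+|[A-Z]:\\Users\\[^"'`\s]+)["'`]/g;

// Env var names read by a source file (Node process.env and Python os.environ forms).
function envVarsIn(src) {
  const found = new Set();
  for (const m of src.matchAll(ENV_RE)) found.add(m[1] || m[2]);
  return found;
}

// files: { path: source }. Returns the findings a reviewer should resolve before install.
function auditSkill(files, manifest) {
  const declared = new Set(manifest.env || []);
  const report = { undeclaredEnv: new Set(), shellExec: [], readAndSend: [], hardcodedPaths: [] };
  for (const [path, src] of Object.entries(files)) {
    for (const name of envVarsIn(src)) {
      if (!declared.has(name)) report.undeclaredEnv.add(name); // used at runtime, not declared
    }
    if (EXEC_RE.test(src)) report.shellExec.push(path);
    if (FS_READ_RE.test(src) && NET_RE.test(src)) report.readAndSend.push(path); // exfil-shaped
    for (const m of src.matchAll(HOME_RE)) report.hardcodedPaths.push(`${path}: ${m[1]}`);
  }
  report.undeclaredEnv = [...report.undeclaredEnv].sort();
  return report;
}

// Constructed stand-in sources mirroring the scan findings; not the skill's real files.
const SAMPLE_FILES = {
  'scripts/sample-bot.js': [
    "const { execFileSync } = require('child_process');",
    "const fs = require('fs');",
    'const token = process.env.TELEGRAM_BOT_TOKEN;',
    'const chatId = process.env.TELEGRAM_CONTRACT_CHAT_ID;',
    "const doc = fs.readFileSync('plan-b/output/contract.docx');",
    'fetch(`https://api.telegram.org/bot${token}/sendDocument`, { method: "POST" });',
  ].join('\n'),
  'scripts/sample-generator.py': [
    'import os',
    'OUTPUT_DIR = os.environ.get("PLAN_B_OUTPUT_DIR", "/Users/example/.openclaw/workspace")',
    'TEMPLATE = os.environ["PLAN_B_TEMPLATE_DOCX"]',
  ].join('\n'),
};
const SAMPLE_MANIFEST = { env: [] }; // what the registry metadata declares for this skill
const SAMPLE_REPORT = auditSkill(SAMPLE_FILES, SAMPLE_MANIFEST);
```

Every entry in `undeclaredEnv` is a secret or setting the skill needs but the registry cannot vet; an empty report after declaring them is the state to aim for before installing.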

238 downloads · 0 stars · 2 versions · Updated 22h ago · v1.0.1 · MIT-0

Telegram Contract Ops

Use this skill for the combined Plan B + Plan C workflow.

What this skill covers

  • Parse standardized Telegram text blocks into contract data
  • Generate .docx contracts from a company template
  • Run Telegram bot flows for /mauhopdong, /cccd, /cccd_debug
  • OCR Vietnamese electronic ID screenshots and convert them into Plan B input blocks
  • Route contract behavior by Telegram group

Current design boundary

Plan B

  • Input: structured Telegram-style KEY: VALUE block
  • Output: .docx contract file

Plan C

  • Input: one screenshot of a Vietnamese electronic ID taken from the ID app
  • OCR output fields:
    • TEN
    • NGAY_SINH
    • CCCD
    • NGAY_CAP
    • THUONG_TRU
    • CHO_O_HIEN_TAI when available
  • Hardcode:
    • NOI_CAP = CTCCS QLHC VTTXH
  • User confirms/edits block before final contract generation
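The Plan C to Plan B hand-off described above, as an added example that is not the skill's own parser: OCR fields become a KEY: VALUE block for the user to confirm, and the confirmed block is parsed and validated before any contract is generated. The field names and the hard-coded NOI_CAP come from the design boundary; the 12-digit CCCD check, the DD/MM/YYYY date format and the sample OCR result are assumptions.

```javascript
// Added example, not the skill's code. Assumptions: CCCD is 12 digits and dates are DD/MM/YYYY.
const REQUIRED = ['TEN', 'NGAY_SINH', 'CCCD', 'NGAY_CAP', 'THUONG_TRU'];
const NOI_CAP_DEFAULT = 'CTCCS QLHC VTTXH'; // hard-coded issuer, as the design boundary states
const DATE_RE = /^(0[1-9]|[12]\d|3[01])\/(0[1-9]|1[0-2])\/(19|20)\d{2}$/;

// Build the confirmable Plan B block from OCR output; CHO_O_HIEN_TAI only when available.
function ocrToPlanBBlock(ocr) {
  const lines = REQUIRED.map((k) => `${k}: ${(ocr[k] || '').trim()}`);
  lines.push(`NOI_CAP: ${NOI_CAP_DEFAULT}`);
  if (ocr.CHO_O_HIEN_TAI && ocr.CHO_O_HIEN_TAI.trim()) {
    lines.push(`CHO_O_HIEN_TAI: ${ocr.CHO_O_HIEN_TAI.trim()}`);
  }
  return lines.join('\n');
}

// Parse a KEY: VALUE block (one field per line) into { fields, errors }.
// Any entry in errors means the bot should ask the user to edit before generating.
function parsePlanBBlock(text) {
  const fields = {};
  const errors = [];
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line) continue;
    const m = line.match(/^([A-Za-z_][A-Za-z0-9_]*)\s*:\s*(.*)$/);
    if (!m) { errors.push(`unparseable line: ${line}`); continue; }
    const key = m[1].toUpperCase();
    if (Object.prototype.hasOwnProperty.call(fields, key)) errors.push(`duplicate key: ${key}`);
    fields[key] = m[2].trim();
  }
  for (const k of REQUIRED) {
    if (!fields[k]) errors.push(`missing ${k}`);
  }
  if (fields.CCCD && !/^\d{12}$/.test(fields.CCCD)) errors.push('CCCD must be 12 digits');
  for (const k of ['NGAY_SINH', 'NGAY_CAP']) {
    if (fields[k] && !DATE_RE.test(fields[k])) errors.push(`${k} must be DD/MM/YYYY`);
  }
  if (!fields.NOI_CAP) fields.NOI_CAP = NOI_CAP_DEFAULT; // apply the hard-coded issuer
  return { fields, errors };
}

// Constructed sample OCR result for a fictional person; not real ID data.
const SAMPLE_OCR = {
  TEN: 'NGUYEN VAN A', NGAY_SINH: '01/02/1990', CCCD: '012345678901',
  NGAY_CAP: '15/03/2021', THUONG_TRU: 'Phuong 1, Quan 1, TP. Ho Chi Minh',
};
const SAMPLE_RESULT = parsePlanBBlock(ocrToPlanBBlock(SAMPLE_OCR));
```

Rejecting the block on any validation error, rather than generating a contract with a blank or malformed field, is what keeps the confirmation step meaningful.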

Keep these outside the packaged skill

  • Telegram bot token
  • group chat IDs
  • .env.telegram
  • .env.telegram.groups
  • OCR debug session artifacts
  • state files and logs

Included references

  • references/architecture.md - flow overview and routing
  • references/deployment.md - migration/install checklist
  • references/input-template.md - canonical Telegram input block
  • references/clawhub.md - publish/install/update commands via ClawHub
  • references/troubleshooting.md - common runtime and routing issues
  • references/windows.md - Windows-specific guidance
  • references/macos.md - macOS-specific guidance

Included assets/scripts

Read these only when needed:

  • scripts/ for generator/parser/bot helpers
  • assets/ for original .docx template
  • assets/windows/ for Windows example env files and quick-start PowerShell wrapper
