telegram-send-photo

Verdict: Suspicious. Audited by ClawScan on May 10, 2026.

Overview

The skill does send photos via Telegram, but it hardcodes a bot token and chat ID, and when run directly it uploads the latest local screenshot to that fixed recipient.

Do not run this skill as-is unless the Telegram bot token and chat ID are yours and you intend to send the selected image to that chat. Replace the hardcoded values with secure user-provided configuration, confirm the exact file before sending, and be especially careful because running the Python file directly sends the latest PNG from `D:\mimoTool\photo`.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Photos may be delivered to a Telegram chat the user does not control, and the embedded bot token is exposed to anyone who can read the skill.

Why it was flagged

The skill embeds a Telegram bot credential and fixed chat destination as defaults, so use without overrides sends through that bot and to that chat rather than credentials and a recipient selected by the user.

Skill content

    if bot_token is None:
        bot_token = "8610746914:AAHvbRYhGar_DD81-70IeWSSfkDLyvrWKY0"
    if chat_id is None:
        chat_id = "8422738233"

Recommendation

Remove hardcoded secrets and require the user to provide their own bot token and chat ID through declared secure configuration before sending.

What this means

Running the script as-is could upload a local screenshot or photo to the hardcoded Telegram recipient without the user reviewing the exact file and destination at send time.

Why it was flagged

When executed as a script, it selects the latest PNG from a fixed local photo/screenshot folder and sends it via the default Telegram configuration, with no visible confirmation step.

Skill content

    photo_dir = r"D:\\mimoTool\\photo"
    ...
    return send_photo(photo_path, caption)
    ...
    if __name__ == "__main__":
        send_latest_screenshot(caption="测试截图喵~🐾")

Recommendation

Require explicit user confirmation of the file path, caption, bot token, and chat ID before each send; avoid automatic latest-screenshot sending as the default entry point.

What this means

Users may install a dependency outside the registry’s normal install controls.

Why it was flagged

The skill depends on an external Python package that is installed manually and unpinned. This is expected for Telegram API calls, but users should note that the registry install metadata neither declares nor pins it.

Skill content

    - requests library (`pip install requests`)

Recommendation

Declare dependencies in installation metadata and pin trusted versions where possible.