Skill v1.1.0
ClawScan security
Telnyx Cli · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 19, 2026, 7:38 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is mostly coherent for a Telnyx CLI helper, but it embeds automatic account/signup flows and automatic API-key generation/storage via companion skills — behavior that expands scope and deserves caution.
- Guidance: This skill looks like a straightforward Telnyx CLI helper, but it also includes an automated account/signup flow that will generate and store API keys on the user's behalf via companion skills. Before installing or running:
  1. Don't run setup.sh blindly; inspect it (it runs npm install -g and telnyx auth setup).
  2. Ask the skill author what the 'telnyx-bot-signup' endpoint is, where it runs, and review its source before allowing any handoff that will generate API keys.
  3. Prefer creating your Telnyx API key yourself via the Telnyx portal and only use the CLI with your own key.
  4. If you do allow automated signup, ensure the resulting ~/.config/telnyx/config.json file is permissioned securely and confirm the exact flow (where magic links are sent and what third parties are involved).

  Because the companion/account-creation behavior expands the skill's scope beyond a simple CLI wrapper, treat it with caution and verify companion skill code and endpoints first.
Review Dimensions
- Purpose & Capability (concern): The skill's stated purpose (wrap the Telnyx CLI) matches the required binary and example commands. However the SKILL.md also instructs automatic handoff to companion skills that create API keys and perform account upgrades (telnyx-bot-signup, telnyx-freemium-upgrade). Generating API keys on the user's behalf and writing them to disk is outside the narrow scope of a CLI wrapper and isn't justified by the simple purpose description.
- Instruction Scope (concern): Runtime instructions include installing a global npm package, running 'telnyx auth setup', and an explicit automated flow to call a 'bot_signup' endpoint to generate API keys. The doc even instructs 'Do NOT ask whether the user has an account' — this gives the agent wide discretion to trigger account creation/sign-in and write credentials to ~/.config/telnyx/config.json without a clear consent/confirmation step.
- Install Mechanism (note): No formal install spec is declared (instruction-only), but SKILL.md and setup.sh instruct npm install -g @telnyx/api-cli. That's a common, moderately-privileged operation (global npm install) and expected for a CLI integration, but it requires network access and may require elevated permissions on some systems.
- Credentials (note): The skill does not request environment variables or other service credentials directly (declares none). It does, however, instruct storing an API key in ~/.config/telnyx/config.json and relies on companion skills to create that key. Requesting no env vars is consistent, but delegating API-key creation to an external handoff increases the surface for credential creation/exfiltration and should be reviewed.
- Persistence & Privilege (ok): The skill does not request always:true, does not modify other skill configs, and only writes to per-user config paths (~/.config/telnyx). These behaviors are typical for a CLI helper. The automatic handoff behavior increases the attack surface only insofar as companion skills are invoked.
