ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Telnyx Network

v1.0.0

Private mesh networking and public IP exposure via Telnyx WireGuard infrastructure. Connect nodes securely or expose services to the internet.

0· 975·0 current·0 all-time
by@teamtelnyx
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The code and SKILL.md implement Telnyx WireGuard mesh and public-IP exposure, which fits the name/description. However the declared requirements (only 'wg' binary and TELNYX_API_KEY) are incomplete: the scripts also rely on curl, python3, sudo, iptables/ip/ifconfig, wg-quick, and the optional 'telnyx' CLI. The skill therefore underdeclares what it needs, which is an incoherence the user must notice.
!
Instruction Scope
Runtime instructions and scripts perform privileged system changes (writing /etc/sudoers.d via setup-sudoers.sh), create and store WireGuard private keys (wg-<name>.conf), modify iptables to open ports, and create/delete cloud resources via Telnyx APIs/storage. Those actions are within the documented feature set, but they are high-impact: the sudoers change enables passwordless execution of wg/wg-quick, and the skill's automation could bring up interfaces or expose services without further explicit system prompts if the user enables it.
Install Mechanism
There is no registry install spec (instruction-only), and all code is bundled as scripts in the package. No external download URLs are used. This is lower risk than arbitrary remote installers, but the presence of many local scripts means you must review them before running. The package does not provide an automated install; it expects users to run the provided scripts manually (including the sudoers installer).
Credentials
The declared primary credential is TELNYX_API_KEY, which is appropriate for the Telnyx API calls present. However scripts also source a local .env (which can contain arbitrary values) and call the Telnyx CLI (which may use separate auth). The skill will store WireGuard private keys and config.json locally — these are sensitive secrets stored on disk and not encrypted by the scripts.
!
Persistence & Privilege
The README explicitly instructs the user to run setup-sudoers.sh to allow passwordless sudo for wg/wg-quick so the agent can manage WireGuard autonomously. While enabling autonomous management is a functional requirement, the resulting persistent sudoers entry combined with normal model-invocation (disable-model-invocation is false) increases blast radius: an agent or any process that can invoke these scripts could bring up interfaces, change firewall rules, or expose services without additional password prompts. This is a meaningful privilege escalation risk and should be accepted only consciously.
What to consider before installing
What to consider before installing/using: - Review and verify the scripts yourself. They will: call Telnyx APIs, create/delete cloud resources, write WireGuard config files containing private keys (wg-<name>.conf), modify iptables, and (optionally) add a sudoers file to allow passwordless wg/wg-quick. - Missing declared dependencies: the SKILL metadata only lists 'wg' and TELNYX_API_KEY, but the scripts also require curl, python3, sudo, iptables (or nftables equivalent), ip/ifconfig, wg-quick, and (for some commands) the Telnyx CLI. Ensure these are acceptable and installed. - Sudoers change is high-impact. setup-sudoers.sh writes /etc/sudoers.d/wireguard-<user> to allow passwordless execution of wg/wg-quick. Only run this if you trust the code and understand that it lets processes run WireGuard commands without a password. - Secrets handling: WireGuard private keys and config.json are saved unencrypted in the skill directory. Treat the TELNYX_API_KEY with least privilege (create a scoped/revocable key if Telnyx supports it) and consider file permissions and where you run these scripts (use an isolated VM/container if unsure). - Autonomous invocation: the skill is invocable by the agent and not marked 'always', but if you enable passwordless sudo you effectively permit the agent to manage networking without interactive confirmation. If you do not want that, do not run setup-sudoers.sh; instead run privileged commands manually. - Network exposure: exposing ports and adding an Internet Gateway will make services reachable from the public internet. The scripts block a list of database/SSH ports by default, but you should double-check firewall rules and only expose what you intend. - Safe deployment suggestions: test in an isolated environment (VM/container), use a Telnyx API key with minimal scope, audit and possibly harden the scripts (encrypt private keys, restrict sudoers to exact command paths and arguments, ensure iptables rules are safe), and avoid enabling passwordless sudo if you cannot fully audit and trust the code. If you want, I can produce a checklist of exact lines to inspect/change in the scripts to harden them (e.g., restrict sudoers commands, secure file permissions, or avoid saving private keys to disk).

Like a lobster shell, security has layers — review code before you run it.

latestvk9753q5hw3dm6k5dfp0k0nsthn80wsxn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
Binswg
EnvTELNYX_API_KEY
Primary envTELNYX_API_KEY

Comments