v1.0.0

Telnyx Network

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:34 AM.

Analysis

This skill appears to do what it claims, but it grants high-impact network and privilege control that should be reviewed carefully before installation.

Guidance: Install only if you are comfortable giving the agent Telnyx network-management authority and, if you run setup-sudoers.sh, passwordless control over WireGuard commands. Review costs, public port exposure, and registry bucket access, and remove the sudoers rule when you no longer need autonomous mesh management.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
SKILL.md
./add-public-ip.sh
./expose.sh 443
# Now https://64.16.x.x:443 reaches your server

The documented workflow intentionally creates public ingress to local services. This is aligned with the skill purpose, but it is a high-impact network action.

User impact: A service on your machine can become reachable from the internet, and Telnyx resources may add monthly charges.
Recommendation: Approve public IP creation and port exposure explicitly. Avoid --yes or --force unless you understand the exposure and cost, and verify that only intended services are listening.

Unexpected Code Execution
Severity: Medium | Confidence: Medium | Status: Concern
join.sh
--name) NAME="$2"; shift 2 ;; ... python3 << EOF ... 'name': '$NAME',

The peer name argument is expanded directly into generated Python source rather than passed as encoded data, so a crafted name could alter the Python code path if accepted.

User impact: If an agent uses an attacker-controlled node name, the local script could fail or run unintended Python under the user's account.
Recommendation: Use simple trusted node names only. The skill author should validate names and pass values to Python through argv, environment variables, or JSON encoding instead of interpolating them into source code.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
discover.sh
Telnyx CLI not found. Install with: npm install -g @telnyx/api-cli

Some registry/discovery commands depend on a global npm-installed Telnyx CLI that is not reflected in the declared required binaries.

User impact: Setup may require installing additional global tooling that was not declared in the top-level requirements.
Recommendation: Install the Telnyx CLI only from the expected package source, pin or review the version where possible, and update metadata to declare this dependency.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
setup-sudoers.sh
SUDOERS_LINE="$TARGET_USER ALL=(ALL) NOPASSWD: $WG_PATHS" ... echo "$SUDOERS_LINE" > "$SUDOERS_FILE"

The script installs a persistent sudoers rule allowing passwordless execution of all detected wg and wg-quick binaries for the target user.

User impact: After this setup, an agent running as that user can change WireGuard networking without a fresh password prompt; mistakes or prompt compromise could disrupt or expose networking.
Recommendation: Only run the sudoers setup if you truly want autonomous WireGuard control. Inspect /etc/sudoers.d/wireguard-<user>, remove it when not needed, and consider requiring manual approval or stricter command/path limits for wg-quick.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
register.sh
BUCKET="${TELNYX_MESH_BUCKET:-openclaw-mesh}" ... "hostname": "$HOSTNAME" ... telnyx storage object put "$BUCKET" "$TEMP_FILE" -k "nodes/$NODE_NAME.json"

The registry publishes node name, mesh IP, hostname, and metadata into a Telnyx Storage bucket used for discovery.

User impact: Other agents or users with access to the same bucket can learn mesh topology details and may rely on registry entries for direct communication.
Recommendation: Use a private per-mesh bucket, restrict bucket access, verify node identities before connecting, and unregister stale nodes.