Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Telnyx Rag
v1.0.1Semantic search and Q&A over workspace files using Telnyx Storage + AI embeddings. Index your memory, knowledge, and skills for natural language retrieval and AI-powered answers.
⭐ 0· 809·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's name/description (Telnyx RAG) aligns with the implemented functionality (sync, embed, search, ask). Required items (python3 and TELNYX_API_KEY) are appropriate. However the included default patterns (e.g., skills/*/SKILL.md, GUARDRAILS.md, USER.md, SOUL.md, AGENTS.md, TOOLS.md) and the recommended bucket naming (openclaw-{agent-id}) go beyond a minimal personal indexer: they encourage gathering and making discoverable many other agents' or sensitive files, which is not obviously needed for a single-agent personal memory.
Instruction Scope
Runtime instructions and scripts actively scan the configured workspace (default '.'/various defaults), chunk many file types, and upload them to Telnyx Storage. SKILL.md and code repeatedly instruct indexing 'skills/*/SKILL.md' and many high-level project files (GUARDRAILS.md, AGENTS.md, etc.). That means the skill will read and transmit other skills' manifests and potentially other sensitive workspace files. The SKILL.md also recommends predictable, discoverable bucket names (openclaw-*) which increases the risk that uploaded data can be found across agents.
Install Mechanism
No external install/downloads; scripts are local and only require Python 3 and a curl call for key validation. There is no external archive download or package install, so install risk is low.
Credentials
Only TELNYX_API_KEY is requested (declared as primary credential) which is proportionate for a cloud storage/embedding integration. The code also supports a local .env file and reads it. No other unrelated credentials or system-level config paths are requested. However, given the broad file patterns, the single Telnyx key could enable bulk exfiltration of many files to Telnyx Storage — so the number of files that key can expose is large even though the credential list is small.
Persistence & Privilege
The skill is not force-enabled (always:false) and does not claim to alter other skills' configs. Setup updates its own config.json and may create buckets; this is typical. There is no evidence the skill persists beyond its own files or modifies unrelated agent/system settings.
What to consider before installing
This skill appears to be a working Telnyx-backed RAG tool, but it will by default scan and upload many workspace files (including other skills' SKILL.md and high-level guardrail/agent docs) to a Telnyx bucket whose naming scheme the author encourages to be predictable. Before installing: 1) Only run it in a tightly scoped directory (set 'workspace' in config.json to a dedicated folder). 2) Change the bucket name to a unique, non-discoverable name (avoid openclaw-*). 3) Remove or narrow patterns that would index other skills, guardrails, or any files that might contain secrets. 4) Use a Telnyx API key with limited permissions and a dedicated account for this purpose. 5) Review sync.py and config.json to confirm which globs will be uploaded. If you need the agent to index only local content and never send certain files to the cloud, do not run sync/embed or validate that the tool supports dry-run/local-only embedding. These mitigations would reduce the privacy/exfiltration risk; if you cannot limit the scope, consider this a high-risk integration.Like a lobster shell, security has layers — review code before you run it.
latestvk975kfkbjnhv81evg51z5pfc8h80w4tm
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🧠 Clawdis
Binspython3
EnvTELNYX_API_KEY
Primary envTELNYX_API_KEY