ClawHub
Back to skill

Security audit

Telegram Contract Ops

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it handles government ID, banking, and contract data while leaving sensitive files and OCR text insufficiently controlled.

Install only if you are prepared to operate it as a sensitive-data system. Use a private contract-only Telegram group, protect and rotate the bot token, avoid debug OCR in shared chats, run it in a restricted workspace, and add your own cleanup or retention process for .state, OCR JSON, downloaded images, mapped JSON, and generated DOCX files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script serializes highly sensitive personal and financial information, including ID numbers, addresses, bank account data, and contact details, into a predictable JSON file on disk in the output directory. In an agent or automation context, this increases the chance of unintended retention, disclosure through logs/backups/shared workspaces, or access by other local users/processes, especially because there is no minimization, warning, permission control, or cleanup.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The script prints extracted government ID fields and also the full raw OCR source text to stdout, which can expose highly sensitive personal data such as name, date of birth, ID number, and addresses. In agent or automation environments, stdout is often captured in logs, job traces, or downstream tools, turning a parsing utility into an unintended data exfiltration point.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The bot downloads CCCD identity images, writes them to disk, stores OCR artifacts, and persists session state containing extracted identity data, but does not present retention/disclosure information or minimize storage. This creates a real privacy and security exposure because highly sensitive personal data can remain on the host filesystem and in bot-accessible chats longer than necessary, increasing breach impact if the server or workspace is compromised.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal