Telegram Send File

Before installing or running this skill, note the following: - The script requires a Telegram bot token (TELEGRAM_BOT_TOKEN) but the registry metadata does not declare this. Provide a bot token only if you understand the risk: the token grants the skill the ability to post messages and upload files as that bot. - The script will try multiple token and config file locations in your home directory (e.g., ~/.telegram_bot_token, ~/.config/telegram-send-file/config, ~/.openclaw/openclaw.json) and will read ~/.openclaw/session-state.json for auto-detection of chat/topic. If those files contain sensitive data you do not want exposed to the bot, remove or relocate them before use. - The skill can upload arbitrary local files and URLs. Do not run it on a machine or as a user that has access to files you would not want sent to the target Telegram chat. Consider creating a dedicated, limited user account or container for running the script. - The included script appears truncated/buggy at the end (a call to get_toke instead of get_token and the file appears cut off). That suggests the packaged code may be incomplete or broken—inspect and fix the code locally before use. Recommended mitigations: - Only use a bot token with minimal privileges and ideally one dedicated to this automation (avoid using tokens that control other critical bots). - Move or sanitize any OpenClaw config/session files that contain unrelated secrets, or run the script in an environment without those files if you don't want automatic discovery. - Review the script source in full (and fix the truncation/bug) before running. If you expect the skill to be trustworthy, ask the author/registry to update the package metadata to declare TELEGRAM_BOT_TOKEN and the config paths the script reads.