v0.1.0

Telegram Send File

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:58 AM.

Analysis

This skill does what it claims—send user-specified files to Telegram—but users should notice that it uses Telegram bot credentials and may auto-detect the destination chat from local OpenClaw state.

GuidanceBefore installing, make sure you are comfortable with the skill reading your Telegram bot token from local configuration and sending selected local files to Telegram. For sensitive files, provide an explicit chat ID/topic and avoid relying only on auto-detected session context.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusNote

scripts/telegram_send_file.py

with open(file_path, "rb") as fh: ... result = await bot.send_document(document=fh, **upload_kwargs)

The script uploads a user-specified local file to Telegram. This matches the skill purpose, but it is still an external file-sharing action.

User impactA local file selected by the agent or user can be posted to a Telegram chat.

RecommendationUse it only when you intentionally want to send that file, and verify the file path and target chat before sending sensitive content.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

README.md

pip install python-telegram-bot>=20.0

The skill depends on an external Python package installed manually, while the registry metadata does not declare an install spec or required dependency.

User impactUsers must install the dependency themselves, and the registry metadata may not fully describe the runtime requirement.

RecommendationInstall dependencies from trusted package sources and consider pinning a known-good package version.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceHighStatusNote

README.md

Token File Locations (checked in order) ... TELEGRAM_BOT_TOKEN ... ~/.telegram_bot_token ... ~/.openclaw/openclaw.json → channels.telegram.botToken

The skill uses Telegram bot credentials from environment variables or local configuration files to act as the bot.

User impactAnyone invoking the skill with access to those credentials can send files as the configured Telegram bot.

RecommendationKeep the bot token private, restrict the bot to intended chats, and revoke/regenerate the token if it is exposed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

scripts/telegram_send_file.py

state_path = Path.home() / ".openclaw" / "session-state.json" ... chat_id = inbound.get("chat_id") ... topic_id = int(inbound_topic)

The script can route sends based on persistent OpenClaw session-state data rather than an explicit chat ID.

User impactIf the saved session context is stale or incorrect, a file could be sent to the wrong Telegram chat or topic.

RecommendationFor important or sensitive files, pass an explicit --chat-id and --topic-id instead of relying on auto-detection.