Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Telegram Group Moderation
v0.1.3
Moderate Telegram groups with a bot by receiving message/webhook events, extracting text/caption/media context, applying anti-advertising and anti-contact po...
by Xavier Mary (@xaviermary56)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's name and description match the included code and docs: it is a Telegram webhook → normalization → moderation-core → Telegram-action integration layer. However the registry metadata declares no required environment variables or primary credential, while the bundled scripts and SKILL.md clearly expect secrets and endpoints (e.g., TELEGRAM_BOT_TOKEN, TELEGRAM_WEBHOOK_SECRET, MODERATION_CORE_ENDPOINT, MODERATION_CORE_TOKEN, ADMIN_REVIEW_CHAT_ID). That omission is an incoherence: a moderation integration legitimately needs those secrets and should declare them.
Instruction Scope
SKILL.md and the example scripts instruct the agent/service to parse Telegram updates and POST normalized message content and metadata (chat_id, message_id, user_id, username, text/caption, media flags) to an external moderation core. This is within the stated purpose, but the instructions access environment variables and external endpoints that were not declared in the skill metadata. The instructions do not appear to read unrelated local secrets or files beyond their own config examples, and they recommend storing tokens in environment variables and validating webhook secrets.
Install Mechanism
There is no install spec (instruction-only with example scripts). That carries low install risk because nothing will be fetched or executed automatically by the platform. The presence of example code files means the user will deploy/run them in their environment — review is still necessary, but the skill itself does not automatically pull external binaries or archives.
Credentials
The example code and docs expect multiple sensitive environment variables and configuration (TELEGRAM_BOT_TOKEN, TELEGRAM_WEBHOOK_SECRET, MODERATION_CORE_ENDPOINT, MODERATION_CORE_TOKEN, TELEGRAM_ADMIN_REVIEW_CHAT_ID, MUTE_SECONDS, TELEGRAM_API_BASE, redis/db credentials if used). The registry lists none. Requiring a bot token and an external moderation endpoint is proportionate for the stated purpose, but it should be declared explicitly. The bigger risk is that message content and user identifiers are transmitted to the moderation core, so the moderation endpoint must be trusted and access-controlled.
Persistence & Privilege
The skill does not request always:true, does not declare required config paths or binaries, and does not try to modify other skills or system-wide settings. The example scripts include a local file-based offense store as a demo; persistent storage and DB/Redis credentials are optional/adaptive and under the integrator's control.
What to consider before installing
This skill is a reasonable Telegram moderation integration skeleton, but the package metadata failing to declare required environment variables is a red flag. Before installing or running:
- Treat TELEGRAM_BOT_TOKEN and TELEGRAM_WEBHOOK_SECRET as sensitive — do not paste them into untrusted services. Confirm the skill metadata is updated to list these.
- Confirm the MODERATION_CORE_ENDPOINT and MODERATION_CORE_TOKEN (or any external endpoint) are trusted and inside your allowlist; the code posts message content and user identifiers to that endpoint.
- Review and replace the demo local JSON offense store before production (use Redis/DB as recommended) to avoid losing or leaking logs.
- Ensure allowed_chat_ids and admin whitelist are configured to avoid broad accidental enforcement.
- Audit the example scripts if you will run them: check timeouts, retry/rate-limit behavior, and that webhook secret verification is correctly implemented in your deployment.
- Because the package is instruction-only (no install step), the platform won’t install binaries, but you are responsible for safe deployment. If you need to trust this skill in a production agent, ask the publisher to update registry metadata to declare required env vars and provide provenance for the moderation core endpoint. If you don’t control the moderation endpoint, treat this as potentially high-risk and do not deploy without further review.
latest: vk97f8hnrctk101tnytgh84yt398371yc
