Telegram Telethon CLI

Warn: Audited by ClawScan on May 10, 2026.

Overview

This is a powerful Telegram account-control skill, but its setup is under-declared and the runnable CLI code it installs is missing from the reviewed package.

Install only if you trust the source and can inspect the missing tgctl implementation. Do not save actual TELEGRAM_API_HASH or session secrets in shared notes; prefer a secret manager or temporary environment variables. After login, treat the session as full Telegram account access and confirm any send, delete, admin, invite/kick, or profile-change action before letting the agent run it.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installation may fail, or a user may end up relying on unreviewed code if the missing tgctl implementation is supplied from elsewhere.

Why it was flagged

The installer expects and later executes a scripts/tgctl file, but the supplied manifest only contains SKILL.md and scripts/install.sh. The actual Telegram CLI code that would handle credentials and sessions is absent from review.

Skill content

TGCTL_SRC="$SCRIPT_DIR/tgctl" ... if [ ! -f "$TGCTL_SRC" ]; then echo "error: tgctl script not found at $TGCTL_SRC" ... exec "$VENV_DIR/bin/python3" "$TGCTL_SRC" "$@"

Recommendation

Include the full tgctl source in the reviewed package, document its provenance, and pin dependencies or otherwise provide reproducible installation details.

What this means

A logged-in session can act as the user's Telegram account, including messaging, group administration, profile changes, and contact/chat access.

Why it was flagged

The skill requires Telegram API credentials, interactive account login, and persistent session storage, despite registry metadata declaring no primary credential or required environment variables.

Skill content

TELEGRAM_API_ID=${ID} TELEGRAM_API_HASH=${HASH} tgctl-telethon login ... User enters phone number, auth code ... optional 2FA password ... Session persists in ~/.tgctl-telethon/<profile>/

Recommendation

Declare the Telegram credential and session requirements in metadata, clearly scope which account/profile will be used, and require explicit user approval before account-mutating actions.

What this means

Telegram API credentials or session pointers could be stored in persistent context, shared accidentally, or reused later without the user realizing it.

Why it was flagged

The setup directs saving credential-related environment values and session location into a persistent TOOLS.md note. If actual values are written there, they may be exposed or reused across future agent tasks.

Skill content

### Step 4: Save config to TOOLS.md ... - Env: TELEGRAM_API_ID=${ID} TELEGRAM_API_HASH=${HASH} ... - Session: ~/.tgctl-telethon/

Recommendation

Do not store actual API hashes or session secrets in TOOLS.md; use a secret manager or temporary environment variables, and document how to remove sessions when no longer needed.

What this means

If invoked incorrectly, the agent could affect public chats, private contacts, group membership, or the user's Telegram identity.

Why it was flagged

These high-impact Telegram actions are disclosed and match the skill's purpose, but they can publish content, delete content, remove users, alter admins, or change the user's profile.

Skill content

`send <chat> <msg>` ... `delete <chat> <msg_id>` ... `kick <chat> <user>` ... `editadmin <chat> <user> [--remove]` ... `updateprofile [--first n] [--last n] [--about t]`

Recommendation

Use this skill only for explicit Telegram requests and confirm before sending, deleting, forwarding, moderating, or changing account/profile settings.