Is telegram safe?
https://clawhub.ai/codedao12/telegram
This is a documentation-only Telegram Bot API skill containing markdown reference files and request templates. It contains no executable code, no install scripts, no hidden instructions, and no data exfiltration vectors. The filesystem activity observed during installation is attributable to the OpenClaw runtime framework, not the skill itself. All canary files remained intact.
Findings (6)
LOW OpenClaw runtime reads sensitive files during install -18
The OpenClaw agent runtime reads .env, .aws/credentials, and auth-profiles.json during the skill installation bootstrap. These reads are from the platform runtime, not the skill itself, but represent a trust dependency on the OpenClaw framework.
INFO JIT compilation artifacts in /tmp -5
The OpenClaw runtime creates JIT-compiled CJS files in /tmp/jiti/ during installation. This is standard framework behavior (jiti is a known TypeScript/ESM JIT transpiler) and not attributable to the skill.
INFO Gateway lock file created in /tmp -5
A lock file was created at /tmp/openclaw-1000/gateway.e9191928.lock during installation, which is standard OpenClaw framework behavior for process coordination.
INFO External API documentation links present -5
The skill references core.telegram.org URLs as documentation links. These are legitimate first-party Telegram documentation and pose no injection risk.
INFO Skill requires bot token as input -10
The skill's stated required inputs include a bot token, which is expected for any Telegram bot integration. The skill explicitly advises 'Never log tokens' and recommends using secret token headers, demonstrating security awareness.
INFO Agent will make outbound HTTPS requests to Telegram API -20
When used as intended, the agent will make HTTPS requests to api.telegram.org. This is the expected and documented behavior of a Telegram bot skill. The skill provides request templates that guide proper API usage.