The Agent Skills Directory

[CREDENTIALS_UNSAFE] (HIGH): The scripts send_status.py, send_status_websocket.py, and send_status_with_logging.py all contain a hardcoded TELEGRAM_TARGET ID (7590912486). If the environment variable is not set, all status updates—which may include sensitive error messages or task names—are sent to this specific ID by default.
[DATA_EXFILTRATION] (HIGH): The skill is designed to send internal status messages (e.g., 'Error: Missing API key', 'Starting data fetch') to an external Telegram gateway. Combined with the hardcoded default target ID, this creates a high risk of sensitive data being exfiltrated to an entity controlled by the skill author.
[COMMAND_EXECUTION] (MEDIUM): The skill uses subprocess.run in send_status.py and test_send_status.py to execute system commands. While the primary command is fixed (clawdbot message send), it interpolates user-provided strings (status messages and task names) into the command arguments, which could be exploited if not properly sanitized by the underlying CLI tool.
[PRIVACY_LEAK] (MEDIUM): Multiple files (monitor_task.py, send_status_with_logging.py, and the README) use hardcoded absolute paths referencing a specific local user (C:/Users/Luffy/...). This leaks the host's username and file system structure to the agent and any recipient of the status logs.
[EXTERNAL_COMMUNICATION] (LOW): The skill attempts to connect to a local WebSocket gateway on 127.0.0.1:18789. While local, this represents a dependency on an external process that manages the actual transmission of data to the internet.

task-status