claude-to-im
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a background daemon to bridge messaging platforms (Telegram, Discord, Feishu, QQ) to AI agent sessions. It uses standard OS-level mechanisms for persistence, such as macOS LaunchAgents and Windows Services, which are transparently managed via documented scripts.
- [SAFE]: Sensitive bot tokens and app secrets collected during setup are stored in ~/.claude-to-im/config.env with restricted read/write permissions (owner-only). This prevents other local users from accessing the credentials.
- [SAFE]: The skill incorporates a robust redaction system in its logger and CLI output. Regex-based masking ensures that tokens, secrets, and passwords are not leaked into log files or captured in terminal history logs.
- [SAFE]: Network operations are limited to communicating with well-known, official API endpoints for Telegram, Discord, Feishu, and QQ for the purpose of bot interaction and credential validation.
- [SAFE]: The code utilizes dynamic loading for optional dependencies, such as the Codex SDK, which is a standard development practice and does not involve the execution of untrusted remote payloads.
- [SAFE]: User access control is enforced through allow-lists for specific user IDs or channels, and tool execution requires explicit user approval through interactive messaging elements.