telegram-compose

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses jq to extract bot tokens from the local configuration file ~/.clawdbot/clawdbot.json and curl to transmit data to the Telegram API. These commands are essential for the skill's messaging functionality and target a well-known service domain.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external message content for HTML delivery via the Telegram API.
      ◦ Ingestion points: The $MESSAGE variable used in the curl command within SKILL.md.
      ◦ Boundary markers: None present in the shell script snippet to delimit user content from instructions.
      ◦ Capability inventory: curl subprocess execution for network communication.
      ◦ Sanitization: The documentation provides instructions for manual HTML escaping, but the skill does not implement programmatic sanitization or validation within the provided code.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 28, 2026, 05:16 AM