Safety Report

Telegram Footer Patch

Name: Telegram Footer Patch
Rating: 5 (4 reviews)
Author: C-Joey

Patch OpenClaw Telegram private-chat replies to append a footer at the platform layer (`🧠 Model + 💭 Think + 📊 Context`), with backup, syntax validation, u...

107Downloads

2Installs

4Stars

5Versions

File Management2,100 Customer Support1,744 AI & Machine Learning1,383 Notifications & Alerts1,061

Security Analysis

high confidence

Clean0.08 risk

The skill's code and instructions are internally consistent with its stated purpose: it patches OpenClaw reply dist files to append a Telegram footer, creates backups, and provides a rollback path; there is no sign of unrelated credential access or network exfiltration.

Mar 6, 20263 files2 concerns

Purpose & Capabilityok

Name/description claim to inject a Telegram footer and the provided scripts directly implement that by searching and patching reply-*.js in the OpenClaw dist directory and adding a marker to avoid double-injection. The backup/rollback scripts match the stated functionality.

Instruction Scopenote

SKILL.md steps (dry-run, apply patch, restart gateway, test, rollback) align with the scripts. The instructions do require modifying installed application files and restarting the gateway — expected for this purpose but a high-impact operation that should be confirmed before execution.

Install Mechanismok

No install spec; this is instruction + shipped scripts only. The scripts are local Python files (no remote downloads or package installs). No risky install mechanisms detected.

Credentialsok

No environment variables, credentials, or external endpoints are requested or used. The scripts operate solely on local files under a configurable dist path (default /usr/lib/node_modules/openclaw/dist).

Persistence & Privilegenote

The skill modifies installed OpenClaw distribution files and writes backups alongside them, which is persistent until overwritten or upgraded; this typically requires elevated filesystem privileges (e.g., sudo). always:false and normal agent invocation are used (no force inclusion).

Guidance

This skill appears to do exactly what it says: patch reply-*.js under your OpenClaw dist to append a one-line Telegram footer, back up modified files (suffix .bak.telegram-footer.TIMESTAMP), and provide a revert script. Before running: (1) review the two Python scripts yourself (they are short and readable), (2) run the suggested dry-run to ensure the needle is found and the correct files would be changed, (3) be prepared to run commands with appropriate permissions (the default dist path is under /usr/lib — you may need sudo), (4) restart the gateway only after confirming you have backups and maintenance window if this is a production system, and (5) reapply the patch after OpenClaw upgrades since upgrades may overwrite the dist files. No network calls or credential exfiltration were found, but exercise standard caution when modifying installed application code; test in a staging environment first.

Latest Release

v1.0.4

Compatibility update for latest OpenClaw dist bundles; verified patch flow on local OpenClaw 2026.3.7.

Popular Skills

AgentLedger

@c-goro · 4 stars

Asana (PAT)

@L-U-C-K-Y · 2 stars

Telegram Usage Stats

@c-drew · 1 stars

Playwright CLI Automation

@Michael-C-Matias · 0 stars

Bind Protocol MCP Server Use

@jason-c-child · 0 stars

BlockBeats API

@f-s-c-1 · 0 stars

Published by @C-Joey on ClawHub