
      Safety Report

      Telegram Usage Stats

      @c-drew

      Display session usage statistics (quota, session time, tokens, context)

      1,879 Downloads
      9 Installs
      1 Stars
      2 Versions
      API Integration 4,971 · Data Analysis 904

      Security Analysis

      medium confidence
      Suspicious · 0.08 risk

      The skill mostly does what it claims (reads Clawdbot session state and formats usage for Telegram) but has a few mismatches and privacy-sensitive behavior you should understand before installing.

      Feb 11, 2026 · 5 files · 4 concerns

      Purpose & Capability (note)

      Name/description (Telegram usage stats) match the code: the handlers read Clawdbot session state, count tokens, estimate context, and format a Telegram-safe message. However, the SKILL metadata and README only declare 'node' as a required binary while handler.js calls 'clawdbot models status' via execSync — the skill implicitly requires the 'clawdbot' CLI to be present on PATH. Also SKILL.md shows a hardcoded absolute path (/home/drew-server/...) which may not match the installed location; that's an operational mismatch.

      Instruction Scope (concern)

      The runtime instructions and code instruct the agent to read files under the user's home (~/.clawdbot), including sessions/sessions.json and JSONL transcripts, and to create/update ~/.clawdbot/quota-tracker.json. Those files can contain sensitive session metadata and may indirectly expose conversation-related data (transcript parsing reads JSONL entries). The code does not transmit data to remote endpoints, but it does execute a local 'clawdbot' command and writes tracker state — all of which is within the apparent purpose but is privacy-sensitive and should be explicitly documented/consented to.

      Install Mechanism (ok)

      No install spec / no network downloads are present in the registry entry. The skill is a bundle of code files (handler.js and session-reader.js), so nothing external is pulled during install. This is lower risk from an installation perspective.

      Credentials (concern)

      The skill declares no required env vars but reads environment values (HOME / USERPROFILE) to access ~/.clawdbot. It will create and write ~/.clawdbot/quota-tracker.json. The README/config-example mentions a Telegram bot token, but the code does not read it; that mismatch could confuse users. The implicit requirement for the 'clawdbot' binary is not declared. Access to session/transcript files is proportionate to a usage-stats feature, but those files can contain sensitive data and the skill should explicitly document what it reads and writes.

      Persistence & Privilege (note)

      The skill does write its own tracker file under ~/.clawdbot (quota-tracker.json) but does not request always:true and does not mutate other skills or system-wide configurations. Writing a per-skill file in the user's home is reasonable, but you should expect files to be created in your home directory.

      Guidance

      This skill appears to implement the advertised feature (showing quota, tokens, context) and its code is readable, but there are a few things to check before installing:

      - Missing declared dependency: handler.js executes 'clawdbot models status' but the skill metadata only lists 'node'. Ensure the 'clawdbot' CLI is present and trusted on your system.
      - Hardcoded paths: SKILL.md and README suggest running node against an absolute path (/home/drew-server/...), which will likely be wrong on your machine. Install location or invocation may need adjustment.
      - Sensitive local reads/writes: the skill reads ~/.clawdbot/agents/.../sessions/sessions.json and transcript JSONL files and will create/update ~/.clawdbot/quota-tracker.json. Those session/transcript files can include metadata or conversation-derived data; review them first and ensure you're comfortable with the skill reading that data.
      - No network exfiltration observed, but if you plan to expose reports to Telegram, confirm where tokens/IDs are stored and that the bot token is kept secure (the code does not read a bot token automatically; config-example shows how a token might be configured elsewhere).

      Recommended steps:

      1) Inspect the two JS files locally (handler.js, session-reader.js) yourself (they are included in the bundle) to confirm behavior.
      2) Run the handler in JSON mode in a safe environment (node handler.js json) and review exactly what data is printed before connecting the skill to Telegram.
      3) Back up ~/.clawdbot before first run and check file permissions (quota-tracker.json will be created/updated).
      4) If you do not want the skill to read transcripts or session files, request a version that only reads non-sensitive aggregated metrics or provide a sandboxed copy of the session store.

      Because the source is 'unknown' and the package omits the implicit 'clawdbot' binary requirement and uses hardcoded paths, I rate this suspicious (medium confidence) rather than outright benign. If you can confirm the provenance and are comfortable with it reading ~/.clawdbot, the mismatches are explainable and the risk is lower.

      Latest Release

      v1.0.1

      SECURITY: Remove bot token from config-example.json (use YOUR_BOT_TOKEN_HERE instead)


      Published by @c-drew on ClawHub
