claudeclaw
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The guide suggests running `claude --dangerously-skip-permissions`. This flag is a feature of the Claude Code CLI that suppresses interactive permission prompts for file and network access during the session.
- [EXTERNAL_DOWNLOADS]: The skill requires downloading the `telegram@claude-plugins/official` plugin to enable communication with the Telegram API.
- [PROMPT_INJECTION]: The integration creates an indirect prompt injection surface where external data enters the agent context. (1) Ingestion point: Telegram bot messages (SKILL.md). (2) Boundary markers: No delimiters are specified in the prompts. (3) Capability inventory: The agent can execute commands and write files as demonstrated in the test phase (Step 5-2). (4) Sanitization: The skill addresses this by instructing the user to enable a mandatory 'allowlist' access policy to restrict inputs to known accounts.
Audit Metadata