ClawAudit verdict
telnyx-freemium-upgrade
Telnyx account upgrade automation skill that uses the official Telnyx API; credential_access is for reading TELNYX_API_KEY from environment variables to call documented Telnyx APIs for the stated account management purpose.
⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
Permission integrity
file_read
credential_access
Findings (6)
Possible hardcoded credential
SKILL.md · code · API_KEY="${TELNYX_API_KEY:-$(python3 -c
Instruction-prose smuggling shape detected: collects a sensitive target ("API key") and emits it outward ("Report"). Phrased as prose with no trigger tokens — a semantic prompt-injection / data-exfil pattern the syntactic scanners can't see. Final tier capped at Caution; review the instructions before installing.
SKILL.md · | # | Scenario | Detection | Handling | |---|----------|-----------|---------| | 1 | `gh` not installed | `which gh` fails | Report: "GitHub CLI (gh) is require
Accesses OpenClaw config/secrets directly
SKILL.md · prose · downgraded · ~/.openclaw/openclaw.json
Instructs covert action — may act without user awareness
SKILL.md · prose · downgraded · silently
Python urllib.request — network access
scripts/evaluate-upgrade.py · prose · downgraded · urllib.request
Python os.environ.get — reads environment variable
scripts/evaluate-upgrade.py · prose · downgraded · os.environ.get(
Permissions & capabilities
Requires 2 system binaries.
network_infile_readcredential_access Is this flag fair?
Thanks — recorded.