← 返回 Skills 市场
teamtelnyx

Telnyx Freemium Upgrade

作者 teamtelnyx · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
647
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install telnyx-freemium-upgrade
功能描述
Automatically upgrade Telnyx account from freemium to professional tier
安全使用建议
This skill is internally consistent with its stated purpose, but it handles sensitive credentials in ways you should explicitly accept before installing: it will read or derive your Telnyx API key (env var or ~/.config/telnyx/config.json), use the local GitHub CLI to obtain your GitHub token (get-gh-token.sh / gh auth token), and send that token to Telnyx API endpoints to verify identity. If you do not trust the skill's author or Telnyx endpoints, do not install or run it. Recommended precautions: 1) Review the included scripts locally (they are bundled in the skill) to confirm behavior; 2) Only run on a machine you control; 3) Use least-privileged GitHub credentials (or prefer the LinkedIn browser flow) and do not reuse high-privilege personal tokens; 4) Be aware the skill writes ~/.telnyx/upgrade.json and a gh-refresh PID file; 5) Because the skill's source/homepage is unknown, consider running the scripts manually under supervision rather than granting autonomous agent execution.
功能分析
Type: OpenClaw Skill Name: telnyx-freemium-upgrade Version: 1.0.0 The skill is classified as suspicious due to significant prompt injection vulnerabilities against the OpenClaw agent, primarily within the SKILL.md instructions. Specifically, the `openclaw cron add` command's `--message` argument interpolates variables like `<EVALUATION_ID>` (sourced from an external API) directly into a command string. If this external ID is not sanitized, it could allow an attacker to inject arbitrary commands for execution by the agent. Similarly, the API key resolution in SKILL.md uses a shell command that interpolates `$HOME`, posing another potential shell injection risk. While the skill's stated purpose (Telnyx account upgrade) and the code's functionality appear benign, these vulnerabilities could lead to arbitrary command execution if exploited, without clear evidence of intentional malicious design within the skill itself.
能力评估
Purpose & Capability
The skill claims to upgrade Telnyx accounts and requires a TELNYX_API_KEY plus the gh CLI and python3 to perform GitHub-based or LinkedIn-based verification. The included scripts (check-gh-auth, get-gh-token, refresh-gh-scopes, wait-for-auth, and the evaluator) match that purpose.
Instruction Scope
Instructions explicitly read local files (~/.telnyx/upgrade.json and ~/.config/telnyx/config.json), use the local GitHub CLI to obtain the user's GitHub token, and submit that token or a LinkedIn OAuth flow to Telnyx API endpoints. This behavior is coherent with account verification, but it involves exfiltrating the GitHub token to the remote Telnyx API and polling remote status — the user must consent to that.
Install Mechanism
No install spec — scripts are packaged with the skill and executed as-needed. Nothing is downloaded from external URLs and no packages are auto-installed by the skill, which minimizes supply-chain risk.
Credentials
Only TELNYX_API_KEY is declared as the primary credential. The code also relies on the gh CLI to surface a GitHub token (via gh auth token) and will read ~/.config/telnyx/config.json for an API key fallback. Requesting the Telnyx API key and using the local gh token are proportionate for verification, but both are sensitive and the skill will transmit the GitHub token to Telnyx endpoints.
Persistence & Privilege
always is false. The skill writes per-user cache/state to ~/.telnyx/upgrade.json and a PID file under ~/.telnyx for the device-code flow; this is contained to the user's home directory and consistent with its functionality.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install telnyx-freemium-upgrade
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /telnyx-freemium-upgrade 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: upgrade Telnyx account from freemium to professional tier via GitHub or LinkedIn identity verification. Includes evaluation script, GitHub auth helpers, and notification templates.
元数据
Slug telnyx-freemium-upgrade
版本 1.0.0
许可证
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Telnyx Freemium Upgrade 是什么?

Automatically upgrade Telnyx account from freemium to professional tier. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 647 次。

如何安装 Telnyx Freemium Upgrade?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install telnyx-freemium-upgrade」即可一键安装,无需额外配置。

Telnyx Freemium Upgrade 是免费的吗?

是的,Telnyx Freemium Upgrade 完全免费(开源免费),可自由下载、安装和使用。

Telnyx Freemium Upgrade 支持哪些平台?

Telnyx Freemium Upgrade 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Telnyx Freemium Upgrade?

由 teamtelnyx(@teamtelnyx)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论