Voice AI Agent Engineering

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is an instruction-only voice-agent design guide: it ships no code and requests no install-time permissions. The risk lies in what gets built from it, so anyone implementing its telephony, customer-data, and third-party provider guidance should apply the checks below before going live.

This skill appears safe to install as an instruction-only guide. Treat it as a planning methodology, not a production-ready compliance guarantee: when using it to build a real voice agent, carefully scope API permissions, verify caller-data handling, obtain required call consent, and review all telephony, STT, LLM, TTS, CRM, and analytics providers before going live.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If implemented with broad API access, a voice agent could change appointments, CRM records, billing workflows, or other business data during calls.

Why it was flagged

The architecture explicitly includes tool/API calls connected to business systems. This is expected for a production voice-agent design guide, but real deployments should limit which APIs the agent can use and require review for customer-impacting actions.

Skill content

[Tool/API Calls] ... [CRM/Calendar/DB]

Recommendation

Use least-privilege API credentials, restrict write actions, log changes, and require human approval for high-impact actions such as payments, cancellations, account changes, or outbound campaigns.
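The recommendation above amounts to a policy gate that sits between the model and the business APIs. The following is an added example written for this review, not code from the skill or from ClawScan: tool names, the read/write/high-impact classes and the approval ticket scheme are assumptions for illustration. It grants a deployment only the tools it needs, logs every write attempt whether or not it is allowed, and holds high-impact actions until a human approves a ticket bound to the exact call, tool and arguments, so an approval cannot be reused for a different action.

```python
"""Least-privilege gate for a voice agent's tool calls (added example; the
skill itself ships no code). Tool names and risk classes are assumed."""
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional
import hashlib
import json


class Risk(Enum):
    READ = "read"          # no side effects
    WRITE = "write"        # reversible business change: allowed but logged
    HIGH_IMPACT = "high"   # payments, cancellations, account changes, campaigns


# Hypothetical tool catalogue: everything the agent could in principle call.
TOOL_RISK = {
    "lookup_appointment": Risk.READ,
    "reschedule_appointment": Risk.WRITE,
    "cancel_appointment": Risk.HIGH_IMPACT,
    "update_contact_phone": Risk.HIGH_IMPACT,
    "issue_refund": Risk.HIGH_IMPACT,
}

# Least privilege: this (assumed) appointment line is granted only what it
# needs, so the refund tool is unreachable however the model is prompted.
GRANTED_TOOLS = frozenset({"lookup_appointment", "reschedule_appointment",
                           "cancel_appointment"})


@dataclass
class Decision:
    status: str                    # "allow", "deny" or "needs_approval"
    reason: str
    ticket: Optional[str] = None   # set when a human must approve the call


@dataclass
class ToolGate:
    granted: frozenset = GRANTED_TOOLS
    audit_log: list = field(default_factory=list)
    pending: dict = field(default_factory=dict)   # ticket -> (call_id, tool, args)
    approved: set = field(default_factory=set)

    def _record(self, call_id, tool, args, status, reason):
        # Every write or high-impact attempt is logged, allowed or not.
        self.audit_log.append({"call_id": call_id, "tool": tool, "args": args,
                               "status": status, "reason": reason})

    @staticmethod
    def _ticket(call_id, tool, args):
        # Ticket binds the approval to this call, tool and exact arguments.
        payload = json.dumps([call_id, tool, args], sort_keys=True)
        return hashlib.sha256(payload.encode()).hexdigest()[:16]

    def authorize(self, call_id, tool, args):
        risk = TOOL_RISK.get(tool)
        if risk is None or tool not in self.granted:
            self._record(call_id, tool, args, "deny", "tool not granted")
            return Decision("deny", "tool not granted to this deployment")
        if risk is Risk.READ:
            return Decision("allow", "read-only")
        if risk is Risk.WRITE:
            self._record(call_id, tool, args, "allow", "write logged")
            return Decision("allow", "write logged")
        ticket = self._ticket(call_id, tool, args)
        if ticket in self.approved:
            self.approved.discard(ticket)  # single use
            self._record(call_id, tool, args, "allow", f"human approved {ticket}")
            return Decision("allow", "human approved", ticket)
        self.pending[ticket] = (call_id, tool, args)
        self._record(call_id, tool, args, "needs_approval", f"ticket {ticket}")
        return Decision("needs_approval", "high-impact action queued for review", ticket)

    def approve(self, ticket):
        # Invoked from the human review queue, never by the model.
        call_id, tool, args = self.pending.pop(ticket)
        self.approved.add(ticket)
        return tool, args


def demo():
    """Constructed call sequence; returns the gate and its decisions."""
    gate = ToolGate()
    call = "call-0001"
    d1 = gate.authorize(call, "lookup_appointment", {"appointment_id": "A42"})
    d2 = gate.authorize(call, "reschedule_appointment",
                        {"appointment_id": "A42", "new_time": "2025-06-02T10:00"})
    d3 = gate.authorize(call, "cancel_appointment", {"appointment_id": "A42"})
    d4 = gate.authorize(call, "issue_refund", {"amount": 50})  # not granted
    gate.approve(d3.ticket)                                      # human reviewer
    d5 = gate.authorize(call, "cancel_appointment", {"appointment_id": "A42"})
    d6 = gate.authorize(call, "cancel_appointment", {"appointment_id": "A42"})  # approval was single-use
    return gate, [d1, d2, d3, d4, d5, d6]


if __name__ == "__main__":
    gate, decisions = demo()
    for d in decisions:
        print(d.status, "-", d.reason)
    print(json.dumps(gate.audit_log, indent=1))
```

Note that the gate keys its decisions on the tool name and arguments the model actually produced, not on the model's own description of what it is doing, and that the approval path is a separate method a reviewer calls; nothing the model emits during the call can mark its own ticket as approved.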

What this means

A deployed agent could collect or use personal identifiers and customer account information.

Why it was flagged

The conversation template includes caller identification using phone number lookup, account number, or date of birth. This is purpose-aligned for support and appointment workflows, but it involves sensitive identity and account data.

Skill content

method: "phone_number_lookup"  # or ask_name, account_number, DOB

Recommendation

Define clear verification rules, avoid collecting unnecessary identifiers, mask sensitive data in logs, and align implementation with applicable privacy and sector regulations.
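Two of these points, per-action verification rules and masking identifiers before they reach logs, can be checked in code. The block below is an added example for this review, not code from the skill: the customer record, the rule table, the log key and the transcript lines are constructed. Reads require only the calling number; changes require a second identifier, and a data-minimisation check reports any identifier the dialogue collects beyond what the action needs. Transcript lines are redacted before logging and tagged with a keyed pseudonym so one caller's lines still correlate without the number being stored.

```python
"""Verification rules and log masking for caller identity data (added
example; the skill ships no code). Records and transcript are constructed."""
import hashlib
import hmac
import re

# Constructed CRM record keyed by E.164 phone number (not real data).
CUSTOMERS = {
    "+15551234567": {"dob": "1980-04-12", "account": "ACCT-00981"},
}

# Assumed verification rules: identifiers each action requires. The agent
# asks for a second factor only when the action needs one.
REQUIRED = {
    "lookup_appointment": ("phone",),
    "reschedule_appointment": ("phone", "dob"),
    "update_contact_phone": ("phone", "dob", "account"),
}


def verify(action, claims):
    """True only if every identifier REQUIRED for `action` matches the
    record found by the caller's phone. Unknown actions fail closed."""
    needed = REQUIRED.get(action)
    if needed is None:
        return False
    record = CUSTOMERS.get(claims.get("phone", ""))
    if record is None:
        return False
    for name in needed:
        if name == "phone":
            continue  # already matched by the lookup
        # Constant-time compare; a missing claim never matches.
        supplied = str(claims.get(name, "")).encode()
        if not hmac.compare_digest(supplied, record[name].encode()):
            return False
    return True


def excess_identifiers(action, claims):
    """Identifiers collected beyond what `action` needs: a data-minimisation
    check to run against the dialogue design."""
    return set(claims) - set(REQUIRED.get(action, ()))


# Log masking: identifiers are replaced with labels before anything is written.
ACCOUNT_RE = re.compile(r"\bACCT-\d+\b")
DOB_RE = re.compile(r"\b\d{4}-\d{2}-\d{2}\b|\b\d{1,2}/\d{1,2}/\d{4}\b")
PHONE_RE = re.compile(r"\+?\d[\d\-\s()]{8,}\d")  # applied after DOB_RE, which it would otherwise swallow


def redact(text):
    text = ACCOUNT_RE.sub("[ACCOUNT]", text)
    text = DOB_RE.sub("[DOB]", text)
    return PHONE_RE.sub("[PHONE]", text)


def caller_ref(phone, key):
    """Keyed pseudonym: lines from one caller correlate without the number
    being stored. The key must live outside the log pipeline."""
    return hmac.new(key, phone.encode(), hashlib.sha256).hexdigest()[:16]


# Constructed transcript lines as they might reach the logger.
TRANSCRIPT = [
    "agent: I'll look you up by the number you're calling from, 555-123-4567.",
    "caller: My date of birth is 1980-04-12 and my account is ACCT-00981.",
]


def masked_log(phone, key=b"assumed-log-key"):
    ref = caller_ref(phone, key)
    return [f"[{ref}] {redact(line)}" for line in TRANSCRIPT]


if __name__ == "__main__":
    print(verify("reschedule_appointment", {"phone": "+15551234567", "dob": "1980-04-12"}))
    print(excess_identifiers("lookup_appointment", {"phone": "+15551234567", "dob": "1980-04-12"}))
    for line in masked_log("+15551234567"):
        print(line)
```

The regexes are deliberately broad (any run of ten or more digits, dashes, spaces or parentheses is treated as a phone number) because a false redaction costs little while a missed identifier lands in a log that several providers may retain.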

What this means

Caller conversations and business context may be processed by third-party telephony, speech, and model providers in a real implementation.

Why it was flagged

The recommended voice stack may send caller audio, transcripts, prompts, and responses through multiple external providers. This is disclosed and central to the skill’s purpose, but provider boundaries and data handling need review.

Skill content

STT | Deepgram, AssemblyAI, Whisper, Google STT ...
LLM | GPT-4o, Claude, Gemini, Llama ...
Telephony | Twilio, Vonage, Telnyx, SignalWire

Recommendation

Before deployment, review each provider’s retention, training-use, data residency, security, and compliance terms; use contracts and settings that prevent unintended storage or reuse of call data.