Toingg Ops Toolkit
Warn. Audited by ClawScan on May 10, 2026.
Overview
The toolkit mostly matches its Toingg campaign purpose, but a campaign template contains a hard-coded alert phone number that could receive lead notifications if not changed.
Review the campaign JSON before posting it, especially leadNotificationPhone and leadNotification. Replace any sample phone numbers, use a least-privileged Toingg token, keep contact and analytics files out of unapproved repositories, and enable the analytics cron only if you truly want recurring daily pulls.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Lead notifications or campaign alerts could be sent to an unintended phone number, exposing campaign or lead information outside the user's account workflow.
The campaign creation template enables lead notifications and supplies a fixed phone number. If the agent or user posts this scaffold unchanged, campaign lead alerts could be routed to that number rather than a user-approved destination.
"leadNotificationPhone": "+918179259307", "leadNotification": true
Before creating any campaign, replace the notification phone with a user-confirmed number or set leadNotification to false, and require explicit final review of the payload.
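A pre-flight check that implements this recommendation, as an added example (not code from the skill or from ClawScan): it parses the campaign JSON, refuses to pass it on while lead notifications point at a number the user has not approved, and returns a sanitized copy with notifications disabled. The sample payload is constructed here; its phone number is the one quoted in the finding, and the field names `leadNotificationPhone` and `leadNotification` are the ones the finding names. Any other string in the payload that looks like an E.164 number is flagged as well, so a sample number left in a script or description is caught too.

```python
import copy
import json
import re

# Constructed sample of the scaffold the finding describes: lead notifications
# enabled and a fixed phone number (the number quoted in the finding).
SAMPLE_CAMPAIGN_JSON = """
{
  "name": "Spring outreach",
  "leadNotificationPhone": "+918179259307",
  "leadNotification": true,
  "script": "Hi, this is a follow-up call about your enquiry."
}
"""

# E.164: leading '+', then 7 to 15 digits, no leading zero.
E164 = re.compile(r"^\+[1-9]\d{6,14}$")


def _phone_strings(obj, path=""):
    """Yield (json_path, value) for every string value that looks like an E.164 number."""
    if isinstance(obj, dict):
        for key, value in obj.items():
            yield from _phone_strings(value, f"{path}.{key}" if path else key)
    elif isinstance(obj, list):
        for i, value in enumerate(obj):
            yield from _phone_strings(value, f"{path}[{i}]")
    elif isinstance(obj, str) and E164.match(obj.strip()):
        yield path, obj.strip()


def review_campaign(payload, approved_phones):
    """Return (issues, sanitized_payload).

    issues: reasons the payload must not be posted as-is (empty means safe).
    sanitized_payload: a copy with lead notifications disabled and the phone
    removed unless the destination is in approved_phones.
    """
    approved = {p.strip() for p in approved_phones}
    issues = []
    fixed = copy.deepcopy(payload)

    enabled = bool(payload.get("leadNotification", False))
    phone = payload.get("leadNotificationPhone")

    if enabled:
        if not phone:
            issues.append("leadNotification is true but leadNotificationPhone is missing")
        elif phone not in approved:
            issues.append(f"leadNotificationPhone {phone} is not a user-approved destination")
        if issues:
            # Fail closed: no alerts rather than alerts to an unknown number.
            fixed["leadNotification"] = False
            fixed.pop("leadNotificationPhone", None)
    elif phone:
        # Not sent anywhere today, but a leftover sample number is still a liability.
        issues.append(f"leadNotificationPhone {phone} present while notifications are disabled")
        fixed.pop("leadNotificationPhone", None)

    # Catch phone-looking values anywhere else in the payload (scripts, notes, lists).
    for path, value in _phone_strings(payload):
        if path != "leadNotificationPhone" and value not in approved:
            issues.append(f"unapproved phone number at {path}: {value}")

    return issues, fixed


def review_campaign_json(text, approved_phones):
    """Same check, starting from the raw JSON text that would be posted."""
    return review_campaign(json.loads(text), approved_phones)


if __name__ == "__main__":
    # With an empty allowlist the sample scaffold is blocked and neutralised.
    issues, fixed = review_campaign_json(SAMPLE_CAMPAIGN_JSON, approved_phones=[])
    for issue in issues:
        print("BLOCK:", issue)
    print(json.dumps(fixed, indent=2))
```

Run it as a gate in front of the POST: only a payload that comes back with an empty issue list should be sent, and the allowlist should be populated from a number the user confirmed in the conversation, not from anything found in the template.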
Anyone or any agent process with this token can perform Toingg actions allowed by the token, including outbound communications and account data access.
The skill needs a Toingg bearer token to create campaigns, place calls, upload contacts, fetch analytics, and send WhatsApp templates. This is expected for the integration, but it grants account-level operational authority.
All HTTP calls reuse the `TOINGG_API_TOKEN` bearer token.
Use the least-privileged Toingg token available, keep it out of shared logs and repositories, and declare the required environment variable in metadata.
If enabled, the job will keep making daily Toingg API calls and writing analytics files until it is disabled.
The skill documents a persistent daily analytics cron job. The artifact also says to enable it only when requested and provides a delete command, so this is disclosed and user-directed persistence.
openclaw cron create toingg-analytics-digest \
  --schedule "0 19 * * *"
Enable the cron only after explicit user approval, verify the output directory, and confirm the user knows how to remove it.
Names, phone numbers, campaign details, and analytics could remain in local files, repositories, or shared storage longer than intended.
Campaign payloads, analytics, and contact exports may contain business data and personal contact information. The instruction is disclosed but can create persistent sensitive records.
Keep payloads (campaign JSON, analytics snapshots, contact exports) in version control or shared storage per your security rules.
Store outputs only in approved locations, avoid committing contact or analytics files unless policy allows it, and apply retention or deletion rules.
Dependency versions may vary across environments, and unpinned package installs carry normal package supply-chain risk.
The skill asks users to install unpinned Python dependencies for Excel parsing and HTTP requests. This is purpose-aligned and user-directed, but package provenance and versions are not locked.
pip install openpyxl requests
Install in a virtual environment and consider pinning known-good versions of openpyxl and requests.
