phone calling

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill

Name: phone-calling

Version: 1.0.7

The OpenClaw AgentSkills skill bundle provides a comprehensive API for an AI agent to make international phone calls, manage sessions, and access call-related features like transcription and sentiment analysis. All documented API endpoints and instructions are clearly aligned with the stated purpose of a phone calling service. There is no evidence of intentional harmful behavior, data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent in any of the provided files (SKILL.md, openapi.json, ringez-api-spec.md, ringez-implementation-guide.md, ringez-quickstart-guide.md). The skill explicitly directs users to a website for adding credits, avoiding direct handling of payment information within the agent environment.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent has a valid session, it could place calls to third parties and spend calling minutes in ways the user did not specifically approve.

Why it was flagged

The skill exposes real-world phone call initiation, including direct automated calling by agents, without artifact-backed instructions requiring per-call user approval, recipient confirmation, spend limits, or duration limits.

Skill content

Direct Mode ... Best for: AI agents, automated calls ... POST /api/v1/calls/initiate ... { "to_number": "+919876543210", "mode": "direct" }

Recommendation

Require explicit confirmation before every call, showing the destination number, mode, purpose, expected cost, and maximum duration; prefer bridge mode and keep idempotency keys enabled.

What this means

Users may not realize the agent will handle credentials or session tokens that can authorize paid calls and account access.

Why it was flagged

The session ID functions as an account credential for balance checks and call initiation, while the registry requirements declare no primary credential or required environment variable.

Skill content

Login with password ... Save the `session_id` — you will need it for all API calls.

Recommendation

Declare the credential/session requirements clearly, store session IDs only in approved secret storage, and let users revoke or rotate sessions easily.

What this means

Phone numbers, call events, and transcribed conversation content could be sent to external agent/webhook systems without users fully understanding the privacy implications.

Why it was flagged

The API documentation supports sending call status and transcription events to webhook endpoints, but the artifacts do not clearly define data boundaries, recipient consent, or retention for call content and metadata.

Skill content

"transcribe": true ... "webhook_url": "https://agent.example.com/webhooks/call-status" ... "events": ["call.initiated", "call.ringing", "call.answered", "call.completed", "call.failed", "transcription.updated", "balance.low"]

Recommendation

Use webhooks and transcription only when necessary, disclose who receives the data, verify webhook signatures, and obtain consent where required by law or policy.

What this means

Users may trust the skill more than they should and overlook the account, billing, and call-data exposure involved in using it.

Why it was flagged

The privacy/authentication messaging is internally inconsistent and can understate that the service handles credentials, phone numbers, call metadata, and possibly transcripts.

Skill content

enables autonomous calling capabilities with privacy-first design ... without requiring authentication or personal data. ... Authentication: API Key-based (bearer token)

Recommendation

Clarify the privacy model, authentication model, data collected, third-party processors, and any recording/transcription behavior before users grant access.

What this means

Using the optional SDKs adds package supply-chain trust outside the reviewed instruction-only skill.

Why it was flagged

The guide suggests optional SDK installation from package registries, but the skill itself has no install spec, lockfile, or bundled code for review.

Skill content

pip install ringez-sdk ... npm install @ringez/sdk

Recommendation

Verify package ownership, versions, and integrity before installing any SDK, or use the documented REST API directly.