Voice Memo
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill matches its voice-message purpose, but it can send iMessages from your account and falls back to a hard-coded phone number if no recipient is supplied.
Review before installing. Only use this if you intentionally want the agent to send iMessage voice memos. Remove or replace the hard-coded default phone number, require explicit recipient and confirmation for each send, and avoid sensitive message text because it is sent to ElevenLabs for speech generation.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or autonomous invocation without a recipient could send your generated voice memo to an unintended phone number from your iMessage account.
If the caller omits a recipient, the script falls back to a hard-coded phone number and then posts a message attachment through BlueBubbles.
DEFAULT_RECIPIENT="${IMESSAGE_RECIPIENT:-+14169060839}" ... RECIPIENT="${2:-$DEFAULT_RECIPIENT}" ... RESPONSE=$(curl -X POST "$BLUEBUBBLES_URL/api/v1/message/attachment"Remove the hard-coded recipient, require an explicit recipient every time, and add a user confirmation step before sending any iMessage.
Anyone who can run the skill with those credentials can consume ElevenLabs quota and send messages through the configured BlueBubbles/iMessage account.
The skill loads local secrets and uses them to call ElevenLabs and the BlueBubbles message API; this is expected for the integration but grants meaningful account and billing authority.
source ~/.openclaw/.env ... -H "xi-api-key: $ELEVENLABS_API_KEY" ... -H "Authorization: Bearer $BLUEBUBBLES_PASSWORD"
Keep the .env file private, use the least-privileged BlueBubbles configuration available, and rotate the API key or password if exposed.
Private or sensitive text included in a voice memo will be sent to ElevenLabs before being delivered as an iMessage voice bubble.
The text to be spoken is transmitted to the ElevenLabs provider to generate audio, which is purpose-aligned but still an external data flow.
curl -X POST "https://api.elevenlabs.io/v1/text-to-speech/$VOICE_ID" ... \"text\": \"$TEXT_ESCAPED\"
Avoid sending secrets or highly sensitive content, and review ElevenLabs' data handling terms before use.
Incoming spoken content may become visible to the agent as conversation context and influence later responses during the session.
The skill documentation says incoming voice memo transcriptions may enter the agent's conversation context, while also stating they are not automatically persisted.
Transcribed text flows into conversation context automatically. They are NOT automatically persisted to memory or files
Do not send sensitive voice content unless you are comfortable with it entering the agent context; explicitly instruct the agent not to store it if needed.