Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Vapi AI
v0.1.0
Manage Vapi voice assistants, calls, phone numbers, tools, and webhooks via the Vapi REST API or CLI for voice agent operations and integrations.
⭐ 0 · 1.3k · 4 current · 4 all-time
by Colin Lowenburg (@colygon)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose (manage Vapi assistants, calls, phone numbers, tools, webhooks) matches the included helper script and API endpoints. However, the registry metadata claims no required environment variables while SKILL.md and the helper script both require VAPI_API_KEY (and optionally VAPI_MODE and VAPI_BASE_URL). This metadata mismatch is likely an oversight but is an incoherence the buyer should be aware of.
Instruction Scope
SKILL.md confines runtime actions to calling Vapi's REST API or using the Vapi CLI. The instructions do not ask the agent to read unrelated local files or exfiltrate arbitrary data. They do, however, recommend piping an install script from the network (see install mechanism), which broadens scope implicitly by running external code.
Install Mechanism
There is no formal install spec in the registry, but the README/SKILL.md suggests running curl -sSL https://vapi.ai/install.sh | bash to install the CLI. Download-and-execute-from-network is higher risk — you should inspect that install script's contents or prefer verified package sources before running it. The included helper (bin/vapi-api.mjs) itself is small and readable.
Credentials
Functionality reasonably requires one credential: VAPI_API_KEY, which SKILL.md documents. That is proportionate. But the registry metadata lists no required env vars (incoherent). SKILL.md also references VAPI_MODE and VAPI_BASE_URL for configuration; ensure only the API key is provided to the skill and that it's stored as a gateway secret rather than pasted into logs. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or global agent settings, and does not request persistent system privileges. Autonomous invocation is allowed (platform default) but not combined with other high-risk flags.
What to consider before installing
This skill appears to be a straightforward Vapi API integration with a small helper script, but:
1) the registry metadata omits the required VAPI_API_KEY — plan to provide that key as a secure gateway secret (don't paste it into public logs);
2) avoid blindly running curl | bash from https://vapi.ai/install.sh — fetch and inspect the installer first or install from a verified package source (GitHub release or package manager) if available;
3) review bin/vapi-api.mjs (it's small and readable) to confirm it only calls the Vapi API; and
4) if you need stronger assurance, request the publisher update the registry metadata to list VAPI_API_KEY and provide a vetted install mechanism or a link to a specific, auditable release.
Like a lobster shell, security has layers — review code before you run it.
latest vk971gp342dsq2peg3vbhdx2z9x80ssag
