AgentPing – Phone Call Alerts
Security checks across static analysis, malware telemetry, and agentic risk
Overview
AgentPing is a coherent alerting skill, but it lets an agent use an API key to trigger real phone calls, including delayed retries and critical calls.
This appears safe for its stated purpose if you want phone-call escalation. Before installing, protect the AgentPing API key, decide when the agent is allowed to call you, avoid putting secrets or confidential details in alert messages, and reserve critical severity for true emergencies because it can bypass quiet hours.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your agent may cause your phone to ring when it decides an alert is urgent, including off-hours if it marks the alert critical.
The skill gives the agent a documented API workflow that can cause real phone calls, including higher-urgency calls that ignore quiet hours. This is the core purpose, but it is a user-impacting action.
Creates an escalation alert. AgentPing will call the user's verified phone... `critical` ... Bypasses quiet hours.
Install only if you want agent-initiated phone escalation; set clear rules for when the agent may use critical severity or immediate calls.
Anyone or any agent process with this key could create alerts under your AgentPing account.
The skill requires a service API key that authorizes alert creation for the user's AgentPing account. This is expected, but it is a credential that should be protected.
Generate an API key at [agentping.me/api-keys]... Add the key to your OpenClaw config (`~/.openclaw/openclaw.json`): ... apiKey: "ap_sk_your_key_here"
Store the key securely, do not commit it to shared files, and rotate or revoke it if you stop using the skill.
Project names, URLs, task IDs, or incident details placed in alerts may be processed by AgentPing and heard during the call.
Alert content and metadata are sent to the external AgentPing service and some fields are spoken aloud during the phone call. This is disclosed and expected for the service, but sensitive details could be exposed if included.
`title` ... This is spoken aloud during the phone call. ... `message` ... Spoken during the voice call. ... `metadata` ... tracking data
Keep alert text minimal and avoid secrets, personal data, or confidential operational details unless you are comfortable sharing them through this channel.
You may receive an unnecessary phone call if the agent loses state or fails to acknowledge your chat response.
The skill explicitly warns that delayed alerts can still fire if the agent fails to cancel or acknowledge them. This is disclosed and tied to the fallback workflow.
If the agent crashes, forgets, or fails to acknowledge after the user replies, the user may still get an unnecessary call.
Prefer the documented schedule-first pattern, use expirations, and ensure the agent acknowledges delayed alerts promptly when you respond.