Back to skill
Skillv0.1.0
ClawScan security
Voice Call · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 31, 2026, 7:03 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, declared config requirement, and runtime behavior are consistent with a voice-call helper that uses an existing OpenClaw voice-call plugin; nothing requested is disproportionate to that purpose.
- Guidance
- This skill appears coherent for controlling an existing OpenClaw voice-call plugin. Before installing: 1) Verify the plugin providing voice-call is from a trusted source and that the owner/registry entry is authoritative (source/homepage are unknown). 2) Keep provider credentials (Twilio/Telnyx/Plivo) in secure config storage and ensure only the voice-call plugin can access them. 3) Decide whether the agent should be allowed to autonomously initiate outbound calls — if not, disable autonomous invocation or add explicit guardrails (approved numbers, rate limits, logging/approval workflow). 4) Monitor call activity and billing after enabling to detect unintended or abusive usage.
Review Dimensions
- Purpose & Capability
- okName/description match the SKILL.md: it is an instruction-only adapter for the platform's voice-call plugin. The single declared config requirement (plugins.entries.voice-call.enabled) aligns with the stated need to enable the plugin. The skill does not request unrelated binaries or credentials.
- Instruction Scope
- noteSKILL.md restricts actions to initiating/continuing/speaking/ending calls and checking status via the voice_call tool. This stays within the stated purpose. Note: the tool allows the agent to place outbound calls and speak messages — a powerful capability that may have privacy, cost, and abuse implications if the agent is allowed to call arbitrary numbers without guardrails.
- Install Mechanism
- okNo install spec and no code files (instruction-only), so nothing is written to disk or downloaded by the skill itself. This is the lowest-risk install model.
- Credentials
- noteThe skill does not request environment variables; it expects provider credentials to live in the plugin config (twilio/telnyx/plivo keys and fromNumber). That is proportionate, but those config entries are sensitive credentials — ensure they are stored securely and limited to the plugin, not exposed to unrelated skills.
- Persistence & Privilege
- okalways is false and the skill does not request persistent elevated privileges or modify other skills. Autonomous invocation is allowed (platform default) — because the skill can initiate calls, consider whether autonomous calls are acceptable in your deployment.