ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sip Voice Call Control

Voice interface using Telnyx Call Control API. Answer phone calls with AI, function calling, and natural conversation. Use for hands-free assistant access, phone-based reminders, or voice-controlled tools. Requires Node.js and Telnyx API key.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 858 · 0 current installs · 0 all-time installs
by@teamtelnyx
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (Telnyx SIP voice control) mostly align with the code: it uses the Telnyx API, implements webhook handlers, STT/TTS, and function-calling tools. However, the code also expects/uses local gateway tooling and may run local CLI commands (openclaw/clawdbot/moltbook) and will attempt to start a cloudflared tunnel — binaries/configs not declared in the skill metadata (cloudflared and local CLIs). These extras are plausible for cross-channel messaging and 'auto-setup' but are not proportional to what's declared in required bins/envs.
!
Instruction Scope
SKILL.md tells agents to run persistent servers (nohup), start the service, and expects the agent to run shell commands. The runtime code reads workspace files (IDENTITY.md, USER.md) which the doc mentions, but it also reads user home config files (~/.openclaw/openclaw.json and ~/.clawdbot/clawdbot.json) to extract a gateway URL/token — this is not declared under required config paths. The code will execute local CLIs and child processes to perform tools (send_message, add_reminder, etc.), which grants the skill the ability to run arbitrary commands via the host CLI stack; the SKILL.md does not clearly warn about reading home-configs or executing arbitrary local tooling.
Install Mechanism
There is no formal install spec (instruction-only install via npm). package.json lists reasonable dependencies (express, telnyx, openai). The tunnel manager spawns the cloudflared binary but cloudflared is not listed among required binaries in metadata or SKILL.md; that mismatch means the code may fail or silently try to start a binary that isn’t present. No remote downloads or obscure URLs are used in the included files.
!
Credentials
Declared required env is a single TELNYX_API_KEY (appropriate). But the code also reads/uses other environment values and local config files (WORKSPACE_DIR, HOME, ~/.openclaw/openclaw.json, ~/.clawdbot/clawdbot.json) to obtain gateway URL and gateway auth token — effectively reading unrelated credentials from the host. That access is not disclosed in the metadata (required config paths = none) and expands the blast radius beyond Telnyx.
!
Persistence & Privilege
The skill requires persistent background execution (SKILL.md instructs using nohup or a process manager) and will open an inbound webhook by creating a public tunnel and updating/creating Telnyx Call Control Applications (using the provided TELNYX_API_KEY). While always:false and autonomous invocation are normal, the combination of persistent network exposure (cloudflared tunnel), ability to create/modify Telnyx apps, and potential access to gateway tokens and local CLIs elevates privilege and risk — especially if run on a machine with sensitive local configs or credentials.
What to consider before installing
This skill is plausible for Telnyx voice handling, but it does a few surprising things you should evaluate before installing: - Review the code yourself (src/tunnel.ts and src/dev.ts). It will attempt to start a cloudflared tunnel and create/update Telnyx Call Control Applications using your TELNYX_API_KEY — that will publish a webhook URL and may create SIP subdomains in your Telnyx account. - The skill reads workspace files (IDENTITY.md, USER.md) and also tries to read ~/.openclaw/openclaw.json and ~/.clawdbot/clawdbot.json to obtain a gateway URL and token. If you have other agent/CLI tools installed, this could allow the skill to use existing gateway credentials. If those files contain tokens for other services, consider running the skill in an isolated environment (container/VM) or remove/rotate those tokens first. - The code spawns local CLIs and arbitrary child processes to implement tools (send_message, reminders). Only run it on machines where you trust installed command-line tools; do not run on machines with sensitive credentials/configs. - The metadata omitted cloudflared and local CLI requirements. Ensure cloudflared is installed if you expect automatic tunneling, or disable the tunnel and provide a manually configured publicly reachable webhook. - Least-privilege advice: give the TELNYX_API_KEY only the minimum permissions needed (voice/call-control), and avoid running on hosts that contain other service tokens. Prefer testing in an isolated environment first and inspect logs and network traffic (or audit code) before deploying to production.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97ac15wz3kytpk88t18aycq4980xeap

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📞 Clawdis
Binsnode, npm
EnvTELNYX_API_KEY
Primary envTELNYX_API_KEY

SKILL.md

SIP Voice Call Control

Voice interface for OpenClaw using Telnyx Call Control API. Call via SIP and have natural conversations with your AI assistant.

How It Works

Your Phone (SIP) → Telnyx Call Control → Webhooks → This Server → Commands back
                         ↓                              ↓
                    STT/TTS/Media              LLM + Tool Execution

This is not WebRTC — it's server-side SIP call handling. Telnyx handles all audio; we just receive webhooks and send commands.

Setup

1. Install Dependencies

cd skills/sip-voice-call-control
npm install

2. Configure

cp .env.example .env

Edit .env:

TELNYX_API_KEY=KEY_your_api_key_here

3. Start Server

npm run start

Console shows:

🎙️  Assistant Voice Server ready on port 3000
📞 Dial: sip:openclaw@yourconnection.sip.telnyx.com

Agent Setup Flow

When setting up for a user, agents should:

1. Collect Configuration

Ask for:

  1. Telnyx API Key (required)

  2. TTS Voice (optional)

    • Telnyx.NaturalHD.astra — Female, warm and clear (default, recommended)
    • Telnyx.NaturalHD.atlas — Male, deep and authoritative
    • Polly.Amy-Neural — British female
    • Polly.Brian-Neural — British male
    • Polly.Joanna-Neural — American female
    • Polly.Matthew-Neural — American male
    • Azure.en-US-JennyNeural — American female
    • Azure.en-GB-RyanNeural — British male
    • See .env.example for full list

  3. Voice Model (optional)

    • Qwen/Qwen3-235B-A22B — Best for function calling (default)
    • meta-llama/Meta-Llama-3.1-8B-Instruct — Fastest
    • meta-llama/Llama-3.3-70B-Instruct — Balanced

Personalization (assistant name, user name, timezone) is pulled automatically from workspace files (IDENTITY.md, USER.md).

2. Write .env File

cat > .env << 'EOF'
TELNYX_API_KEY=<user_api_key>
VOICE_MODEL=Qwen/Qwen3-235B-A22B
TTS_VOICE=Telnyx.NaturalHD.astra
EOF

3. Start in Background (Persistent)

The server must run persistently to receive calls. Use nohup to keep it alive:

cd /path/to/sip-voice-call-control
nohup npm run start > sip-voice-call-control.log 2>&1 &

Or from an agent:

// Use nohup to keep process alive after session ends
exec({ 
  command: "cd /path/to/sip-voice-call-control && nohup npm run start > sip-voice-call-control.log 2>&1 &",
  background: true 
})

Important: Without nohup, the process will die when the parent session ends. Always use nohup or a process manager for production.

To check if running:

ps aux | grep "tsx.*dev" | grep -v grep

To stop:

pkill -f "tsx.*dev.ts"

To view logs:

tail -f /path/to/sip-voice-call-control/sip-voice-call-control.log

4. Extract SIP Address

Poll the process logs and give the user the SIP dial-in:

📞 Dial: sip:openclaw@<connection>.sip.telnyx.com

Environment Variables

VariableRequiredDefaultDescription
TELNYX_API_KEYYesTelnyx API key
VOICE_MODELNoQwen/Qwen3-235B-A22BModel for inference
TTS_VOICENoPolly.Amy-NeuralText-to-speech voice
PORTNo3000Server port
ENABLE_TUNNELNotrueCreate Cloudflare tunnel
WORKSPACE_DIRNo~/clawdFor memory search tool

Available Tools

ToolTrigger PhrasesWhat It Does
list_cron_jobs"what reminders", "my schedule", "cron jobs"Lists scheduled tasks
add_reminder"remind me", "set a reminder"Creates new reminder
remove_cron_job"delete", "cancel" + job nameRemoves a scheduled task
get_weather"weather", "temperature", "forecast"Gets current weather
search_memory"what have we been working on", "projects"Searches workspace files

Features

  • Low-latency — 500ms-1.5s response time with enable_thinking: false
  • Barge-in — Interrupt the assistant anytime by speaking
  • Function calling — Native tool support with Qwen
  • Auto-setup — Cloudflare tunnel and Call Control app created automatically
  • Personalization — Reads IDENTITY.md and USER.md for context

Troubleshooting

No response after speaking:

  • Check Telnyx API key has Voice API + Inference permissions
  • Verify webhook URL is reachable (tunnel must be active)

Slow responses (>3s):

  • Ensure using function-calling branch (not main)
  • Check model availability on your Telnyx account

Tool not executing:

  • Ensure openclaw CLI is in PATH
  • Check WORKSPACE_DIR is set correctly

Port already in use:

  • Kill existing server: pkill -f "tsx.*dev.ts"
  • Or change PORT in .env

Resources

Files

6 total
Select a file
Select a file to preview.

Comments

Loading comments…