v0.1.5

Telecom Agent Skill

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:18 AM.

Analysis

Review before installing: this skill describes AI-controlled bulk phone calling, Twilio account linking, automatic call recording, transcript storage, and remote approvals with limited scoping detail.

GuidanceOnly install this if you intentionally need AI-assisted telecom operations and can audit the referenced GitHub code. Use a restricted Twilio subaccount, hard spending and rate limits, mandatory human approval for every campaign, legal consent for calling/recording, and a clear transcript retention/deletion policy.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityHighConfidenceHighStatusConcern

SKILL.md

*   **Mass Dialing**: Upload a list of 10,000+ numbers. ... *   **Make Calls**: Dial any global number.

The skill exposes broad public telephone-network actions, including very large outbound campaigns and unrestricted global dialing.

User impactIf used without strong human review and limits, the agent could initiate costly, unwanted, or legally sensitive calls at large scale.

RecommendationRequire explicit per-campaign approval, verified recipient consent, budget/rate caps, region restrictions, and review of all lead files before dialing.

Agentic Supply Chain Vulnerabilities

SeverityMediumConfidenceHighStatusConcern

SKILL.md

version: "1.2.0" ... /install https://github.com/kflohr/telecom-agent-skill

The reviewed registry artifact is instruction-only and lists a different registry version, while the skill instructs installation from an external GitHub repository that is not represented by an install spec in the provided artifacts.

User impactA user cannot verify from the supplied artifacts what code would be installed before linking telecom accounts and enabling call operations.

RecommendationInstall only from a reviewed, pinned release with matching registry metadata, a clear install specification, and auditable source provenance.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityHighConfidenceHighStatusConcern

SKILL.md

telecom onboard
# Follow the wizard to link your Twilio account.

Linking a Twilio account delegates telecom account authority and potential billing/phone-number permissions to the agent workflow.

User impactA misconfigured or over-privileged setup could spend money, place calls through the user's account, or affect the user's telecom reputation.

RecommendationUse a least-privileged Twilio subaccount or scoped API key, set spend limits, and ensure the skill clearly declares and constrains required account permissions.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityHighConfidenceHighStatusConcern

SKILL.md

*   **Listen**: Records audio automatically for quality assurance.
*   **Transcripts**: Agent can read full call transcripts (`telecom agent memory`).
*   **Persistence**: All logs saved to the secure Operator Console.

The skill captures and persists call audio/transcripts and makes them retrievable by the agent, but does not define retention, access, deletion, or reuse limits.

User impactPrivate conversations, personal data, and call content could be stored and later surfaced to the agent or console users without clear boundaries.

RecommendationDefine recording consent requirements, retention and deletion controls, transcript access limits, encryption, and audit logging before use.

Insecure Inter-Agent Communication

SeverityMediumConfidenceMediumStatusConcern

SKILL.md

*   **Remote Admin**: Monitor system status from a Telegram Bot.
*   **Approvals**: Approve/Deny high-risk actions via mobile buttons.

A Telegram bot is described as a remote administration and approval channel for high-risk actions, but identity, authorization, and channel-boundary controls are not specified.

User impactIf the bot, chat, or administrator mapping is misconfigured or compromised, high-risk telecom actions could be approved through an external channel.

RecommendationRequire administrator allow-lists, strong authentication, auditable approval records, and clear separation between monitoring and approval authority.