Back to skill
Skillv1.0.0
ClawScan security
Elevenlabs Calls · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 4, 2026, 3:04 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and required secrets line up with its stated purpose (making ElevenLabs-powered phone calls); it only needs an ElevenLabs API key and uses curl/jq to call ElevenLabs APIs.
- Guidance
- This skill appears coherent and implements the advertised ElevenLabs → Twilio call flow. Before installing: (1) Only provide an ELEVENLABS_API_KEY to the environment — use a dedicated key with limited scope if possible. (2) Understand that call audio, transcripts, and metadata are retrieved from/written to ElevenLabs (and that ElevenLabs will use your Twilio integration you configure in their UI), so avoid sending sensitive personal data unless you accept ElevenLabs' storage/retention policy. (3) Review billing implications (ElevenLabs + Twilio) and monitor call activity. (4) If you want additional assurance, inspect the included scripts locally (they are plain shell scripts) and verify the API endpoints before running.
Review Dimensions
- Purpose & Capability
- okName/description match the implementation: scripts call ElevenLabs convai endpoints (agents, phone-numbers, outbound-call, conversations). Required binaries (curl, jq) and ELEVENLABS_API_KEY are appropriate and proportional.
- Instruction Scope
- okSKILL.md instructs running the included scripts. The scripts only read the declared ELEVENLABS_API_KEY and CLI args; they call elevenlabs.io endpoints and do not reference unrelated files, system creds, or external endpoints beyond ElevenLabs.
- Install Mechanism
- okNo install spec (instruction-only with bundled scripts). Nothing is downloaded or executed from remote URLs; scripts run locally. Low install risk.
- Credentials
- okOnly ELEVENLABS_API_KEY is required. Twilio credentials are referenced but expected to be configured in the ElevenLabs web UI, not provided to these scripts. No additional unrelated secrets or config paths are requested.
- Persistence & Privilege
- okalways is false, the skill does not request permanent presence or modify other skills or system settings. Scripts do not persist changes to other agent configs.