Fieldy AI Webhook

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: fieldy-ai-webhook
Version: 0.1.2

The skill bundle is designed to set up a Moltbot webhook transform for a 'Fieldy' integration. The `SKILL.md` provides clear, human-readable instructions for configuration, and does not contain any prompt injection attempts against the AI agent. The `src/fieldy-webhook.js` script primarily parses webhook input, performs wake word detection, and logs non-wake-word transcripts to a specific, controlled directory (`<workspace>/fieldy/transcripts/`) using `fs.appendFileSync`. This file system access is explicitly documented and aligns with the stated purpose of logging. No evidence of data exfiltration, malicious execution, persistence, or other harmful behaviors was found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Webhook requests that pass the token check can trigger the Fieldy agent with transcript-derived text.

Why it was flagged

The webhook mapping sends the transformed webhook message into an agent run. This is the stated purpose, but it means anyone or any service with valid webhook access can cause agent invocations.

Skill content

"action": "agent", "name": "Fieldy", "messageTemplate": "{{message}}", "deliver": true

Recommendation

Use a strong unique hook token, keep the endpoint private where possible, and ensure the target agent does not have more authority than you want voice/webhook commands to exercise.

What this means

If the webhook token is exposed, another party could send requests to the Fieldy hook and potentially trigger agent runs.

Why it was flagged

The setup uses a Moltbot hook token, including an example query-parameter token. This is expected for webhook authentication, but the token grants access to submit hook requests.

Skill content

Set Webhook Endpoint URL to: `https://your-url.com/hooks/fieldy?token=insert-your-token`

Recommendation

Prefer an Authorization header if Fieldy supports it, treat query-string tokens as secrets, avoid sharing webhook URLs, and rotate the token if it may have been logged or exposed.

What this means

Fieldy transcript content, including transcripts that do not wake the agent, will be saved locally and may contain private speech or meeting information.

Why it was flagged

The transform persistently appends transcript text and speaker data to local JSONL files. SKILL.md also discloses this behavior under `<workspace>/fieldy/transcripts/`.

Skill content

text: transcription,
speaker: ... || "Unknown",
...
fs.appendFileSync(filePath, logEntry + "\n");

Recommendation

Review the log directory, set retention or deletion practices, and edit the transform if you do not want all transcripts stored.

What this means

Installing or loading the package as a normal Moltbot extension may not behave as the manual instructions imply.

Why it was flagged

The package metadata references files and an extension entry point that are not present in the provided manifest. The skill instructions instead use `src/fieldy-webhook.js` manually, so this appears to be packaging inconsistency rather than evidence of hidden behavior.

Skill content

"moltbot": { "extensions": ["./index.ts"] },
"files": ["index.ts", "moltbot.plugin.json", "README.md", "skills/**", "transforms/**"]

Recommendation

Follow the provided manual setup only if you trust the included transform file, and ask the publisher to align package metadata with the shipped files.