Skill v1.0.1
ClawScan security
outbound call pro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 15, 2026, 1:04 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and required environment variables are internally consistent with an outbound-calling service; it asks for the expected API key and uses local files to track calls and logs.
- Guidance: This skill appears to do what it claims, but it handles sensitive personal data and can place real phone calls. Before installing: 1) Verify the vendor (https://www.skill.black) is legitimate and review its privacy policy. 2) Protect the OUTBOUND_API_KEY (use environment variables, do not commit to repo). 3) Confirm you have legal consent to call recipients (telemarketing rules in China can be strict). 4) Be cautious with the --must-outbound option — it can bypass missing information. 5) Periodically purge or secure memory/skills/*.jsonl files because they store PII. 6) Consider testing with a restricted test API key and a small controlled recipient list before wide use.
Review Dimensions
- Purpose & Capability (ok): Name/description (outbound calling for China) align with the code and SKILL.md. The skill only requires a single API key and an optional base URL and depends on the 'uv' runner to execute the included Python scripts — all appropriate for a telephony integration.
- Instruction Scope (note): Instructions explicitly collect and transmit phone numbers and full conversation context to the provider API and store PII locally (memory/skills/requests.jsonl and costs.jsonl). The skill requires explicit user confirmation before invoking calls (good), but supports a --must-outbound flag to force calls even when some info is missing — this increases the risk of unintended outbound calls if misused.
- Install Mechanism (ok): No remote install or downloads; this is instruction + local scripts executed via the provided 'uv' runner. No external archives, package installs, or URL-download installers are present in the package.
- Credentials (ok): Only OUTBOUND_API_KEY (and optional OUTBOUND_BASE_URL) are required — these are appropriate and proportionate for a third-party API integration. The API key grants the ability to create calls, so it is sensitive and should be protected.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request elevated system privileges. It writes its own logs under its skill directory (memory/skills) and a suggested config file under ~/.openclaw/secrets — behavior is limited to the skill's scope.
