Paired — Bluetooth Phone Bridge

Warn

Audited by ClawScan on May 10, 2026.

Overview

This skill is transparent about bridging to your phone, but it grants high-impact phone control and has some unclear or inconsistent safeguards that should be reviewed before use.

Install only on a Linux host and phone you own. Before enabling it, review the trusted-numbers file, avoid storing your phone PIN unless needed, do not enable background systemd hooks or SMS auto-reply casually, and confirm whether Gemini/Telegram integrations may receive message content. Prefer the paired-* wrappers over low-level bt-* tools for high-impact actions.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If this path works on the phone, an agent or command could attempt to send SMS messages without the same visible safeguards described for the higher-level wrappers.

Why it was flagged

This exposed SMS command accepts arbitrary destination and message text and has a silent-send mode. The provided file does not show the trusted-number allowlist or explicit confirmation check that SKILL.md says should gate all SMS sends.

Skill content

ap.add_argument("number"); ap.add_argument("text"); ap.add_argument("--silent", action="store_true" ...); if args.silent: r = bt_adb.sms_send_silent(args.number, args.text, serial=args.serial)

Recommendation

Use the high-level paired-sms-send wrapper by default, add an explicit trusted-number or --confirm gate to bt-adb-sms-send as well, and avoid enabling or using --silent unless the user has clearly approved that exact send.

What this means

SMS content or reply context may be sent to an external AI provider when auto-reply is enabled, even though the summary does not clearly list that network destination.

Why it was flagged

The artifact implies an external Gemini provider flow for SMS LLM auto-reply, but the declared external services and network-access summary only call out Telegram/Bluetooth. That leaves the SMS-to-provider data boundary under-described.

Skill content

~/.config/paired/gemini-keys.conf ... Gemini API key(s) for paired-respond — OPTIONAL, only if SMS LLM auto-reply is enabled ... external_services: - telegram ... network_access: bluetooth-LAN-only-plus-user-own-telegram

Recommendation

Clearly list Gemini as an external service, document what SMS/contact data is sent, require explicit opt-in for auto-reply, and provide a simple way to disable it.

What this means

Installing and configuring the skill can give the agent access to private messages, contacts, clipboard content, phone controls, and possibly the ability to unlock the phone.

Why it was flagged

The skill openly declares sensitive phone data access and optional storage of a phone unlock PIN. This is purpose-aligned for a phone bridge, but it crosses an important permission boundary.

Skill content

capabilities: ... reads-sms ... reads-contacts ... reads-clipboard ... controls-mobile-device-via-adb ... unlocks-mobile-device-with-stored-pin ... ~/.config/paired/pin ... phone unlock PIN ... OPTIONAL, only if --auto-unlock used

Recommendation

Only use this on your own trusted host and phone, keep the PIN file disabled unless necessary, enforce 0600 permissions, and review trusted numbers regularly.

What this means

If enabled, parts of the skill can continue running in the background and react to SMS/call or command-hook events outside a single interactive request.

Why it was flagged

The skill documents optional user-level systemd services that keep listening for phone events and command dispatch after setup.

Skill content

Systemd unit files ... for persistent listeners (SMS push, call watch, command hook) ... systemctl --user enable --now paired-inbox-hook.service

Recommendation

Enable only the services you need, verify them with systemctl --user, protect the HMAC key, and disable the services when you no longer want background monitoring.

What this means

After setup, many Bluetooth/ADB/phone-control commands are easy for the user or agent to invoke from the shell.

Why it was flagged

The installation instructions place many included scripts directly into the user's command path. This is expected for a local tool skill, but it increases the importance of trusting and reviewing the package.

Skill content

for f in ~/.openclaw/workspace/skills/paired/bin/*.py; do ln -sf "$f" ~/bin/"$(basename "$f" .py)"; done ... chmod +x ~/.openclaw/workspace/skills/paired/bin/*.py

Recommendation

Review the installed scripts before symlinking them into ~/bin, keep the skill updated from a trusted source, and remove the symlinks if you uninstall or stop using it.