Stringclaw

Review

Audited by ClawScan on May 18, 2026.

Overview

This phone-call skill is coherent, but it deserves review because it changes OpenClaw gateway/agent settings and starts a background bridge with a local gateway token.

Before installing, confirm that you are comfortable with real outbound calls, an external bridge package, changes to OpenClaw gateway settings, and a background bridge process holding a gateway token. After use, know how to stop the bridge and consider rotating the gateway token.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The bridge may keep running after the intended call and continue to have access to the local OpenClaw gateway until the user manually stops it or rotates the token.

Why it was flagged

The bridge is launched in the background with a gateway token, and the instructions do not include a stop command, cleanup step, or stated lifetime.

Skill content

OPENCLAW_GATEWAY_TOKEN=<token> stringclaw-bridge serve > /tmp/stringclaw-bridge.log 2>&1 &

Recommendation

Run the bridge only for the active call, document how to stop it, and include cleanup or token-rotation guidance after use.

What this means

A process holding this token can send authenticated requests to the local OpenClaw gateway while it is running, so compromise or misuse of the bridge would have direct account/agent access implications.

Why it was flagged

The skill instructs the agent to read the local gateway auth token and provide it to the bridge process, giving that process authenticated access to the local gateway.

Skill content

openclaw config get gateway.auth.token ... OPENCLAW_GATEWAY_TOKEN=<token> stringclaw-bridge serve

Recommendation

Clearly document what the token authorizes, limit its scope if possible, avoid logging or exposing it, and rotate it after using the bridge.

What this means

Installing or invoking the skill can alter the user’s OpenClaw environment beyond a single call, which may affect future gateway or agent behavior.

Why it was flagged

The setup changes gateway behavior and creates a persistent voice agent non-interactively, but does not provide clear user approval, rollback, or containment instructions.

Skill content

openclaw config set gateway.http.endpoints.chatCompletions.enabled true ... openclaw agents add voice --model gemini-3.1-flash-lite-preview --non-interactive

Recommendation

Ask for explicit user approval before changing gateway settings or adding agents, show the exact changes, and provide rollback commands.

What this means

The external bridge package will handle sensitive runtime access, including the Stringclaw API key and local gateway token, so trust in that package matters.

Why it was flagged

The skill relies on an external Node package to provide the executable bridge; this is expected for the phone-call integration, but the submitted artifacts do not include the bridge code for review.

Skill content

node | package: @stringclaw/bridge | creates binaries: stringclaw-bridge

Recommendation

Install only from a trusted registry/publisher, prefer pinned versions or lockfiles, and review the package provenance before use.

What this means

Anything discussed during the voice call may be processed through the Stringclaw bridge and the local OpenClaw agent session.

Why it was flagged

The voice call is bridged into a local OpenClaw chat-completions gateway, which is expected for the feature but is a sensitive data path involving spoken conversation content.

Skill content

Initiates an outbound voice call that connects them to a live session with you ... curl -X POST http://127.0.0.1:18789/v1/chat/completions

Recommendation

Avoid sharing highly sensitive information on calls unless the Stringclaw and OpenClaw data handling model is acceptable, and document the data flow and retention expectations.