Carbonvoice Openclaw Extension 2026.5.14.Tgz
ReviewAudited by ClawScan on May 14, 2026.
Overview
This appears to be a legitimate Carbon Voice channel plugin, but it uses a Carbon Voice token and can read, reply to, and acknowledge Carbon Voice messages when enabled.
Install only if you intend OpenClaw to operate as a Carbon Voice channel. Use a dedicated Carbon Voice agent PAT, verify the API base URL and webhook URL, restrict inbound senders with `creatorId` if appropriate, and consider removing or checking the bundled older `.tgz` archive before deployment.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed and configured, OpenClaw can act through the configured Carbon Voice agent account.
The plugin needs a Carbon Voice personal access token or API key, giving it delegated access to the Carbon Voice account used for the channel.
**Credential:** set the **`AGENT_PAT`** environment variable to your Carbon Voice agent personal access token (`cv_pat_...`) for the default account, or set `apiKey` on the account in config
Use a dedicated Carbon Voice agent token with the least privileges available, keep it out of shared config files when possible, and rotate it if the host or config is exposed.
The agent may post replies and acknowledgments in Carbon Voice conversations as part of the channel behavior.
The runtime can create Carbon Voice messages and add acknowledgment reactions through Carbon Voice API endpoints.
path: "/v3/messages/start" ... path: `/reactions/${encodeURIComponent(reactionId)}/${encodeURIComponent(opts.messageId.trim())}`Enable the channel only for the intended Carbon Voice account and review creator/user filters so the agent responds only where expected.
Carbon Voice messages can trigger OpenClaw processing and replies; a misconfigured public webhook or broad creator filter could expose more conversations to the agent than intended.
The plugin accepts Carbon Voice events through a websocket and, optionally, a public webhook route that can deliver external messages into OpenClaw.
PAT websocket plus optional webhooks ... If you set **`publicWebhookBaseUrl`**, it also subscribes webhooks and registers the HTTP route. Inbound filters exclude the PAT user’s own messages; optional **`creatorId`** limits inbound to that user only.
Use HTTPS for public webhook URLs, keep the default route private except to Carbon Voice where possible, and set `creatorId` if only one sender should be allowed.
Extra archives can make package review and provenance harder, even when they are not executed.
The package includes an older nested tarball artifact that is not shown as part of runtime behavior. It is not evidence of execution, but it is extra packaged material to verify.
openclaw-carbonvoice-2026.3.14.tgz (12129 bytes)
Publisher should remove unused nested package archives from releases, or users should verify the archive contents before trusting the package.