ClawHub

Voice Call

Security checks across malware telemetry and agentic risk

Overview

This official OpenClaw plugin does what it says: it enables configured voice calls, with privacy and billing risks users should manage.

Install only where live phone calls are intended. Configure tool approvals, outbound number policy, telephony billing controls, webhook signature verification, and call-log retention carefully; use per-call session scope when caller memory should not persist across calls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • System Prompt LeakageDirect Leakage, Indirect Extraction, Tool-Based Exfiltration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The plugin exposes live outbound call initiation through gateway methods and a tool interface without any built-in confirmation, consent check, rate limit, or policy guard in the execution path. If an agent, operator session, or upstream integration is compromised or mis-prompted, it can place real phone calls and potentially deliver arbitrary spoken content or DTMF, creating fraud, harassment, and social-engineering risk.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The code injects the caller's phone number directly into the model's system prompt, exposing personally identifiable information to the LLM and potentially to downstream providers, logs, traces, or tool calls without any minimization in this component. In a voice-agent context, this data is not required for most conversational tasks, so including it by default increases privacy and compliance risk if the model mishandles, stores, or echoes the number.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The runtime persistently stores call records and transcripts to disk, including caller metadata and conversation content, without any visible retention controls, encryption, or privacy guardrails in this file. In a voice-call skill, this is sensitive data by default, so silent persistence materially increases the risk of privacy leakage, over-retention, and forensic recovery of conversations.

VirusTotal

59/59 vendors flagged this plugin as clean.

View on VirusTotal