Telnyx Embeddings Provider

ReviewAudited by ClawScan on May 12, 2026.

Overview

This appears to be a straightforward Telnyx embeddings provider that uses a Telnyx API key and sends embedding text to Telnyx as disclosed.

This skill looks benign for its stated purpose. Before installing, make sure you are comfortable using a Telnyx API key and sending memory-search embedding text to Telnyx, since that is how the provider works.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Low

#ASI03: Identity and Privilege Abuse

What this means

The provider can make requests using your Telnyx account key and may incur Telnyx API usage.

Why it was flagged

The plugin declares that Telnyx authentication uses a Telnyx API key, which is expected for this provider but still grants account-backed API access.

Skill content

"providerAuthEnvVars": { "telnyx": [ "TELNYX_API_KEY" ] }

Recommendation

Use a dedicated Telnyx API key with appropriate scope, store it securely, and revoke it when no longer needed.

Medium

#ASI07: Insecure Inter-Agent Communication

What this means

Text passed into OpenClaw memory search embeddings may be processed by Telnyx.

Why it was flagged

Embedding inputs are sent to Telnyx's remote API with the configured model; this matches the stated purpose but means the text being embedded leaves the local environment.

Skill content

const DEFAULT_TELNYX_BASE_URL = "https://api.telnyx.com/v2/ai/openai"; ... body: { model: client.model, input }

Recommendation

Install and enable this provider only if your data policy allows sending memory/search text to Telnyx.