ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gemini Live Phone

v1.0.1

Bridge Twilio phone calls to Google Gemini Live API for real-time AI voice conversations. No STT/TTS middleware required. Includes VAD and echo suppression.

0· 208·0 current·0 all-time
byABFS Tech@quantdeveloperusa
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, requirements, dependencies (google-genai, twilio) and binaries (python3, uvicorn) align with a Twilio→Gemini real‑time bridge. However the code embeds unexpected defaults (a hardcoded TWILIO_ACCOUNT_SID, default TWILIO_FROM number, and a default PUBLIC_URL pointing at https://athena.abfs.tech) that are not justified by the SKILL.md and are unusual for a user‑run bridge.
!
Instruction Scope
SKILL.md instructs only to set GOOGLE_API_KEY and TWILIO_AUTH_TOKEN and run the bridge. The code reads (and uses) other environment variables if present (TWILIO_ACCOUNT_SID, TWILIO_FROM, PUBLIC_URL, GEMINI_API_KEY), writes structured logs to /tmp/openclaw with hostname and runtime metadata, and likely emits TwiML and WebSocket behavior. The default PUBLIC_URL suggests the service may reference an external domain by default, which could redirect Twilio traffic or metadata externally if not overridden.
Install Mechanism
No install spec; this is instruction + code. Dependencies are standard Python packages listed in requirements.txt (fastapi, uvicorn, google-genai, twilio, etc.). No remote downloads or arbitrary archives in the manifest.
!
Credentials
Declared required envs (GOOGLE_API_KEY, TWILIO_AUTH_TOKEN) map to Gemini and Twilio usage, which is expected. But the code prefers GEMINI_API_KEY or GOOGLE_API_KEY (both supported) and also will use TWILIO_ACCOUNT_SID and TWILIO_FROM from env or fall back to hardcoded defaults. The presence of hardcoded account SID and phone number is unexpected and disproportionate — it could cause accidental cross‑account interactions or leak routing if defaults are used. The logger also records hostname/runtime info to local files, which could contain sensitive metadata.
Persistence & Privilege
Skill is not always-enabled and is user-invocable. It writes local log files under /tmp/openclaw but does not request system-wide persistent privileges or modify other skills. No evidence of modifying system or other skill configs.
What to consider before installing
This skill appears to implement a Twilio→Gemini real‑time bridge, but there are red flags you should address before running it with your production credentials: - Hardcoded defaults: the script contains a default TWILIO_ACCOUNT_SID, default TWILIO_FROM phone number, and a default PUBLIC_URL (https://athena.abfs.tech). If you don't explicitly set TWILIO_ACCOUNT_SID, TWILIO_FROM, and PUBLIC_URL, the bridge may behave unexpectedly (attempt to use those defaults or embed that external domain in generated TwiML). Replace those defaults with values you control. - Environment variables: SKILL.md asks for GOOGLE_API_KEY and TWILIO_AUTH_TOKEN; the code will also accept GEMINI_API_KEY and other TWILIO_* env vars. Ensure you supply the correct key name (GEMINI_API_KEY is supported) and do not accidentally expose your credentials to any third party. - Logging and local files: the bridge writes structured logs to /tmp/openclaw including hostname and runtime metadata. Review the logger behavior and the log retention/location if you care about privacy of metadata or call events. - Network exposure: this server must be publicly reachable for Twilio webhooks; run it in a hardened environment (firewalled host, TLS via reverse proxy) and verify the WebSocket/Twiml endpoints before connecting real phone numbers. - Review full code paths: confirm how TwiML responses are constructed (ensure they do not redirect audio/media to the default PUBLIC_URL or any external endpoint you don't control), and verify that no audio or call data is forwarded to third parties without your consent. What would change the assessment: seeing the remaining code that generates TwiML and outbound requests (to confirm whether the default PUBLIC_URL is used to route media or callbacks), removal of hardcoded account values, or an explicit comment from the author that those defaults are only placeholders and will never be used in runtime. If you cannot validate those points, treat this skill as suspicious and run it in an isolated/test environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk9750w32ept8knvgennejt7j0h82v9hn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📞 Clawdis
Binspython3, uvicorn
EnvGOOGLE_API_KEY, TWILIO_AUTH_TOKEN
Primary envGOOGLE_API_KEY

Comments