Skill
ReviewAudited by ClawScan on May 11, 2026.
Overview
This skill is coherent for making AI phone calls, but it can place and record real calls that may change appointments or commitments without requiring explicit final confirmation or proactive recording notice.
Before installing, treat this like giving an AI permission to make real recorded phone calls. Only use it when you are comfortable sending the call details to ClawCall, and require the agent to confirm the number, objective, limits, and recording notice before it dials.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could call the wrong party, change an appointment, make a commitment, or trigger a cost if the task or phone number is inferred incorrectly.
The skill can initiate real-world phone actions that may change appointments or commitments, and the instructions do not require a final confirmation of the number, task, spending limits, or allowed commitments before dialing.
Use when the user wants to ... confirm or reschedule or cancel an appointment, make a reservation ... If you already know the number or can confidently find it, use it. If you're not sure, ask the user.
Require explicit user confirmation of the phone number, call objective, allowed commitments, and any spending or cancellation limits before each call.
Users or call recipients may not realize the call is being recorded, which can create privacy, trust, and consent problems.
Recording is a material privacy and legal tradeoff, but the instruction makes disclosure conditional on the user asking rather than requiring proactive notice before the call.
Calls are recorded for transcript generation. The recording URL is returned with the call result. Let the user know their call will be recorded if they ask.
Proactively tell the user before dialing that the call will be recorded and provide clear guidance for obtaining any required consent from call participants.
Sensitive call details may be processed by an external service and included in transcripts or recordings.
The skill sends user-provided call context to an external AI phone-agent provider and receives transcripts/recording links. This is central to the purpose, but the data may include sensitive personal, medical, or account details.
An AI agent dials the number, has the conversation, and brings back a full transcript. ... Base URL: https://api.clawcall.dev
Use only information necessary for the call, avoid sharing highly sensitive details unless needed, and review the provider's privacy and retention practices.
Someone with access to the local file may be able to use the user's ClawCall quota or session.
The skill stores a service API key/session identifier locally for reuse. The path is disclosed and scoped to ClawCall, but it is still persistent account-related state.
Persist the key across conversations. ... save it to ~/.config/clawcall/key.json
Store the key in a secure secret store when available, restrict file permissions, and delete ~/.config/clawcall/key.json if you stop using the service.