ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawfinger

OpenClaw plugin that bridges to the Clawfinger voice gateway. Provides tools for live call takeover, TTS injection, outbound dialing, hangup, context/knowled...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 391 · 0 current installs · 0 all-time installs
by@TracSystems
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: REST client and persistent WS bridge to a local gateway (default http://127.0.0.1:8996) plus tools for dial/hangup/inject/takeover. No unrelated env vars, binaries, or external services are requested by the plugin; the bearer token is declared in plugin config (openclaw.plugin.json) as expected.
Instruction Scope
SKILL.md instructs the agent to connect to a local gateway, use a persistent WebSocket to receive transcripts and events, and call gateway REST endpoints. This is within the claimed scope, but the plugin exposes sensitive capabilities (live caller transcripts, outbound dialing, TTS injection, takeover) so operators should be aware that the agent will have access to potentially sensitive conversational data.
Install Mechanism
This is instruction-only plus included TypeScript source; there is no download-from-URL or obscure installer. package.json lists a single common dependency (@sinclair/typebox). No extract-from-URL installs or shorteners are present.
Credentials
The plugin itself does not require OS credentials or unrelated secrets. Configuration supports a gateway bearerToken (stored in plugin config) which is appropriate. Be aware the gateway (per docs) can be configured to use remote LLMs with API keys (example shows an "api_key: sk-..."); those keys would be stored at the gateway level, not requested by this plugin—operators should not put sensitive remote-LLM keys into a gateway they don't fully trust.
Persistence & Privilege
always:false (normal). The plugin registers a background WS bridge service that starts when the plugin loads — expected for realtime gateway integration. However, the plugin exposes powerful call-control tools to LLM agents; because model invocation is allowed (disable-model-invocation:false), autonomous agents could initiate dialing, takeover, inject TTS, or release control. This raises operational risk but is coherent with the plugin's purpose.
Assessment
This plugin appears to do what it says: bridge to a local Clawfinger voice gateway and provide tools for call control and LLM takeover. Before installing, confirm you trust the local gateway and network environment because the plugin (and any agent using it) will receive live call transcripts and can: dial numbers, play synthesized speech into calls, take over or release the gateway LLM, and change call policy. Recommended precautions: (1) store the gateway bearer token securely and restrict who can edit plugin config, (2) avoid placing remote-LLM API keys into the gateway unless you trust it and its storage, (3) consider disabling autonomous model invocation or require human approval for sensitive tools (dial, takeover, inject), (4) enable logging/auditing of actions and monitor usage, and (5) test in an isolated environment with a test phone/gateway before using in production or with real callers.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.3
Download zip
latestvk97fme8h6ypdet91s1y538pqed81tqk8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📞 Clawdis

SKILL.md

Clawfinger — OpenClaw Voice Gateway Plugin

Requires: Trac-Systems/clawfinger — the local voice gateway and Android phone app. Install and run the gateway before using this plugin.

OpenClaw plugin that gives agents full control over the Clawfinger local voice gateway and its active phone calls.

What It Does

  • Call control: Dial outbound calls, hang up, inject spoken messages into live calls
  • LLM takeover: Replace the gateway's local LLM with agent-driven responses in real time
  • Context injection: Push knowledge into the LLM context so the phone assistant has facts you provide
  • Instruction management: Set system prompts at global, session, or one-shot turn scope
  • Call policy: Read and update greetings, auto-answer, caller filtering, max duration
  • Observation: Query session state, conversation history, and gateway health

Dependencies

  • Gateway: A running Clawfinger voice gateway (app.py on 127.0.0.1:8996)
  • Node: @sinclair/typebox (install via npm install in plugin directory)
  • Phone: Android phone with the PhoneBridge app, connected via ADB reverse port forwarding

Configuration

In ~/.openclaw/openclaw.json:

{
  "plugins": {
    "load": { "paths": ["/path/to/gateway/openclaw/clawfinger"] },
    "entries": {
      "clawfinger": {
        "enabled": true,
        "config": {
          "gatewayUrl": "http://127.0.0.1:8996",
          "bearerToken": "localdev"
        }
      }
    }
  }
}

Tools

ToolDescription
clawfinger_statusGateway health, active sessions, bridge status
clawfinger_sessionsList active call session IDs
clawfinger_call_stateFull call state: history, instructions, takeover status
clawfinger_dialDial outbound call via ADB
clawfinger_hangupForce hang up active call and end session
clawfinger_injectInject TTS message into a live call
clawfinger_takeoverTake over LLM control for a session
clawfinger_turn_waitWait for the next caller turn during takeover (returns transcript + request_id)
clawfinger_turn_replySend your reply text for a takeover turn (requires request_id)
clawfinger_releaseRelease LLM control back to local LLM
clawfinger_context_setInject knowledge into session LLM context
clawfinger_context_clearClear injected knowledge
clawfinger_instructions_setSet LLM system instructions (global/session/turn)
clawfinger_call_config_getRead call policy settings
clawfinger_call_config_setUpdate call policy settings

Slash Commands

/clawfinger status, /clawfinger dial <number>, /clawfinger hangup, /clawfinger inject <text>, /clawfinger takeover <sid>, /clawfinger release <sid>, /clawfinger end <sid>, /clawfinger context get|set|clear <sid>, /clawfinger config call|tts|llm, /clawfinger instructions <text>.

Related Skills

  • agent-takeover: Full takeover lifecycle guide with timing model and test case
  • voice-gateway: Gateway installation, API reference, and operations

Files

8 total
Select a file
Select a file to preview.

Comments

Loading comments…