Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

KallyAI Executive Assistant

v2.0.0

KallyAI Executive Assistant — AI that handles phone calls (outbound + inbound), email, bookings, research, errands, multi-channel messaging, and phone number...

Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the runtime instructions: the SKILL.md expects a 'kallyai' CLI and documents calls, emails, phone provisioning, messaging, and OAuth-based authentication. Requiring a kallyai binary (and providing a pip package name in the SKILL.md metadata) is consistent with the stated purpose.
Instruction Scope
The SKILL.md confines runtime instructions to using the kallyai CLI and the service's API (api.kallyai.com) and shows command examples and the OAuth flow. It does not instruct reading unrelated local files or environment variables. However, it documents actions that are high-privilege (provisioning numbers, reading inboxes, sending emails, placing calls), which implies the OAuth token will grant broad access to the user's communications and phone capabilities.
Install Mechanism
The registry metadata states there is no install spec, but the SKILL.md includes a 'clawdbot' metadata block that suggests installing 'kallyai-cli' via pip. Installing a third-party pip package is a moderate-risk install mechanism because it will execute code on the host. The package and the api.kallyai.com domain have no homepage/source listed in the registry entry, so the provenance of the pip package cannot be verified from the registry data.
Credentials
The skill declares no required environment variables, which is consistent with a CLI that performs OAuth via browser. But the runtime behavior requires OAuth tokens that grant access to calls, messages, email and phone provisioning. Those credentials are highly sensitive despite not being environment variables; the SKILL.md does not enumerate exact scopes beyond an example ('calls.write'), nor does it explain token storage or revocation behavior.
Persistence & Privilege
The skill is not marked 'always:true' and uses the platform default allowing autonomous invocation. Autonomous operation combined with OAuth tokens that can place calls, send messages, and access inboxes increases blast radius if the CLI or service is compromised. The SKILL.md implies persistent credentials (login/credentials) are stored by the CLI but gives no details on storage location or encryption.
What to consider before installing
This skill appears to be a CLI wrapper for an external service that will need OAuth access to your phone, messages, and email. Before installing:
  1) Verify provenance — find the project homepage or source code (PyPI page, GitHub repo) and inspect it.
  2) Check the 'kallyai-cli' package on PyPI for publisher, release history, and source links.
  3) Review the OAuth scopes requested during login and grant the minimum necessary permissions.
  4) Confirm how the CLI stores tokens (where on disk, whether encrypted) and how to revoke tokens.
  5) Consider testing with a throwaway account/phone number first rather than your primary communications accounts.
  6) If you cannot locate an official homepage or source code and author identity, treat the package as higher risk and avoid installing.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📞 Clawdis
Bins: kallyai
latest: vk972bzxy02pa3n4y3g2wxc934n81sqbv
1.8k downloads · 0 stars · 4 versions
Updated 19h ago
v2.0.0
MIT-0

KallyAI Executive Assistant

KallyAI is an AI executive assistant that handles outbound + inbound calls, email, bookings, research, bills, rides, food orders, errands, multi-channel messaging, and phone number management.

Quick Start

# Natural language — routes automatically (80% of usage)
kallyai ask "Book a table at Nobu for 4 tonight"
kallyai ask "Email Dr. Smith to reschedule my Thursday appointment"
kallyai ask "Find the best plumber near me and negotiate a quote"

# Check credits (NOT minutes — credits are the sole billing unit)
kallyai credits balance

# Check inbox
kallyai messages inbox

# View incoming calls handled by AI receptionist
kallyai inbound calls

Complete Workflow

Step 1: Gather Intent

KallyAI covers 14 domains:

Domain        Examples
Coordination  "Book a table", "Handle this for me", any multi-step request
Calls         Call a business, check on a reservation, negotiate
Inbound       View incoming calls, manage routing rules, voicemails, contacts
Phone         Provision numbers, set up forwarding, manage caller ID
Actions       Calendar events, bookings, bill analysis, rides, food, errands
Messages      Check inbox, read messages, view threads
Search        Find businesses, research options, compare prices
Email         Send emails, manage accounts, train voice profile
Channels      Manage WhatsApp, Telegram, email contacts, channel status
Outreach      Multi-channel outreach tasks (call + email + messaging)
Budget        Estimate costs, approve budgets, view breakdowns
Credits       Check balance, view history, spending breakdown, plans
Subscription  Change plan, view status, cancel pending changes
Referrals     Get referral code, view stats, track referrals

For most requests, use ask — it routes through the coordination AI automatically.

Step 2: Authenticate

For OAuth integration, redirect user to:

https://api.kallyai.com/v1/auth/authorize?response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REDIRECT_URI&scope=calls.write

User signs in with Google or Apple → receives access token.

For CLI, authentication is automatic (first API call opens browser).

kallyai login         # Force re-auth
kallyai logout        # Clear credentials
kallyai auth-status   # Check login

Step 3: Execute

Natural language (preferred):

kallyai ask "Reserve a table for 4 at 8pm at Nobu"

Direct commands (when you know the domain):

kallyai calls make -p "+15551234567" -t "Reserve table for 4 at 8pm"
kallyai actions calendar create --title "Dinner" --start "2026-02-14T20:00"
kallyai search run "best Italian restaurant downtown"
kallyai inbound calls --status completed
kallyai phone list

Step 4: Monitor & Follow Up

# Check goal status
kallyai coord goals --status active
kallyai coord goal <GOAL_ID>

# Review outbound call results
kallyai calls history
kallyai calls info <CALL_ID>
kallyai calls transcript <CALL_ID>

# Review inbound calls handled by AI receptionist
kallyai inbound calls
kallyai inbound call <CALL_ID>
kallyai inbound transcript <CALL_ID>

# Check inbox for responses
kallyai messages inbox --unread

API Reference

Base URL: https://api.kallyai.com

Authentication: Authorization: Bearer <access_token>

Making Calls (API)

POST https://api.kallyai.com/v1/calls
Authorization: Bearer <access_token>
Content-Type: application/json

{
  "submission": {
    "task_category": "general",
    "task_description": "Ask about store hours and availability",
    "respondent_phone": "+15551234567",
    "language": "en",
    "call_language": "en"
  },
  "timezone": "America/New_York"
}

Response:

{
  "call_id": "uuid",
  "status": "success",
  "highlights": "They have availability at 8pm",
  "next_steps": "Reservation confirmed"
}

Status values: success, no_answer, busy, failed, voicemail, cancelled

Required fields:

Field             Description
task_category     restaurant, clinic, hotel, general
task_description  What AI should accomplish
respondent_phone  Phone number in E.164 format (+1234567890)

Optional fields:

Field             Description
business_name     Name of business
user_name         Name for reservation
appointment_date  YYYY-MM-DD
appointment_time  HH:MM (24-hour)
party_size        Number of people (1-50)
language          en or es

Domain Command Reference

ask — Natural Language (80% of usage)

kallyai ask "Your request in plain English"

coord — Coordination & Goals

coord message "text"           # Chat with coordination AI
coord goals [--status X]       # List goals
coord goal <id>                # Goal details
coord goal-tree <id>           # Goal + sub-goals
coord cancel-goal <id>         # Cancel goal
coord cascade-cancel <id>      # Cancel goal + sub-goals
coord escalate <id>            # Escalate for attention
coord approve-step <id>        # Approve next step
coord accept <id>              # Accept outcome
coord continue <id>            # Continue negotiating
coord archive <id>             # Archive goal
coord batch-archive <id>...    # Archive multiple
coord budget <id>              # Goal budget details
coord history                  # Conversation history
coord conversations            # List conversations
coord new                      # New conversation

calls — Outbound Phone Calls

calls make -p "+1..." -t "task"  # Make a call
calls history                     # List calls
calls info <id>                   # Call details
calls transcript <id>             # Transcript
calls recording <id>              # Recording URL
calls calendar <id>               # Calendar .ics
calls cancel <id>                 # Cancel call
calls reschedule <id>             # Reschedule
calls stop <id>                   # Stop active call

inbound — AI Receptionist (Incoming Calls)

inbound calls [--status X]          # List incoming calls
inbound call <id>                    # Call details
inbound transcript <id>              # Call transcript
inbound recording <id>               # Call recording
inbound summary                      # Incoming call summary/stats
inbound analytics [--from X --to X]  # Call analytics
inbound transfer <id> --to "+1..."   # Transfer call
inbound takeover <id>                # Take over live call
inbound reject <id> [--reason X]     # Reject call
inbound rules                        # List routing rules
inbound add-rule --name "..." --action "..."  # Create rule
inbound update-rule <id> ...         # Update rule
inbound delete-rule <id>             # Delete rule
inbound voicemails                   # List voicemails
inbound voicemail <id>               # Voicemail details
inbound voicemail-playback <id>      # Voicemail audio
inbound contacts                     # List contacts
inbound add-contact --name "..." --phone "+1..."  # Add contact
inbound update-contact <id> ...      # Update contact
inbound delete-contact <id>          # Delete contact
inbound import-contacts <file>       # Import contacts
inbound events [--from X --to X]     # Event log

phone — Phone Number Management

phone list                           # List your numbers
phone info <id>                      # Number details
phone countries                      # Supported countries
phone available --country US         # Search available numbers
phone provision --country US         # Provision new number
phone forwarding <id> --target "+1..." # Set call forwarding
phone remove-forwarding <id>         # Remove forwarding
phone verify-start <number>          # Start verification
phone verify-check <number> --code X # Check verification code
phone caller-id <id> --name "..."    # Set caller ID
phone release <id>                   # Release number

actions — Autonomous Actions

actions calendar create --title "..." --start "..."
actions calendar slots [--date X]
actions calendar sync
actions calendar delete <id>
actions restaurant search "query" [--location X]
actions booking create --type restaurant [--date X]
actions booking cancel <id>
actions bill analyze "description" [--amount X]
actions bill dispute "description" [--reason X]
actions ride --pickup "..." --destination "..."
actions food "order description" [--address X]
actions errand "errand description"
actions email send --to "..." --subject "..." "body"
actions email approve <id>
actions email cancel <id>
actions email outbox
actions email replies <id>
actions log [--type X]
actions undo <id>

messages — Unified Inbox

messages inbox [--channel email|sms|call|chat] [--unread]
messages read <id>
messages thread <conversation_id>
messages mark-read <id> [<id>...]

search — Research

search run "query" [--location X]
search quick "query"
search history
search sources

email — Email Account Management

email accounts                          # List connected
email connect gmail|outlook             # Connect provider
email disconnect <id>                   # Disconnect
email list [--classification important] # List messages
email read <id>                         # Read email
email respond <id> [instructions]       # Respond
email voice-profile                     # Get voice profile
email train-voice                       # Train from samples

channels — Multi-Channel Management

channels status                  # All channel statuses
channels email-add <address>     # Add email contact
channels email-list              # List email contacts
channels email-update <id> ...   # Update email contact
channels email-delete <id>       # Delete email contact
channels email-verify <token>    # Verify email
channels mailbox                 # Get KallyAI mailbox address
channels connect <channel>       # Connect WhatsApp/Telegram
channels test <channel>          # Test channel connection
channels disconnect <channel>    # Disconnect channel

outreach — Multi-Channel Outreach

outreach tasks [--status X]      # List outreach tasks
outreach task <id>               # Task details
outreach create --channel call --target "+1..." "description"
outreach retry <id>              # Retry failed task
outreach cancel <id>             # Cancel task

budget — Cost Management

budget estimate --type call "description"
budget approve <goal_id>
budget breakdown <goal_id>
budget ack-cap <goal_id>

credits — Balance & Usage

credits balance     # Current balance (credits, NOT minutes)
credits history     # Usage history
credits breakdown   # Spending breakdown by action type
credits costs       # Credit cost reference
credits plans       # Available credit plans

subscription — Plan Management

subscription status               # Current plan status
subscription change-plan <plan>   # Change to new plan
subscription cancel-change        # Cancel pending plan change

referrals — Referral Program

referrals code        # Get your referral code
referrals stats       # Referral statistics
referrals history     # Referral history

notifications — Notifications

notifications pending   # Check pending notification counts

Common Errors

Code                   HTTP  Action
quota_exceeded         402   User needs more credits — kallyai.com/pricing
missing_phone_number   422   Ask user for phone number
emergency_number       422   Cannot call emergency services
country_restriction    403   Country not supported
budget_exceeded        402   Goal over budget — approve or cancel
email_not_connected    400   Need to connect email account first
phone_not_provisioned  400   Need to provision a phone number first

Security

  • Token storage: ~/.kallyai_token.json with 0600 permissions
  • CSRF protection: State parameter validation
  • Localhost only: OAuth redirects only to localhost/127.0.0.1
  • Auto-refresh: Tokens refresh automatically when expired
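
The token-storage claim in the list above can be verified on disk after the first login. This is an added example, not code from KallyAI or ClawHub; the path and the 0600 mode come from the list, while the symlink, ownership and parent-directory checks are additional assumptions about what a safe layout looks like on a POSIX system.

```python
import os
import stat

# Path and expected mode come from the Security list on this page.
TOKEN_PATH = os.path.expanduser("~/.kallyai_token.json")


def audit_token_file(path=TOKEN_PATH):
    """Return findings about a stored token file; an empty list means none."""
    try:
        st = os.lstat(path)  # lstat inspects the entry itself, not a link target
    except FileNotFoundError:
        return ["token file not found (logged out, or stored elsewhere)"]
    if stat.S_ISLNK(st.st_mode):
        return ["path is a symlink; the token lives somewhere other than expected"]
    if not stat.S_ISREG(st.st_mode):
        return ["path is not a regular file"]
    findings = []
    mode = stat.S_IMODE(st.st_mode)
    if mode & 0o077:
        findings.append(f"mode {mode:04o} lets group or others access the token; expected 0600")
    if st.st_uid != os.getuid():
        findings.append("file is owned by a different user")
    # Write access to the parent directory allows replacing the file outright.
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if stat.S_IMODE(parent.st_mode) & 0o022:
        findings.append("parent directory is writable by group or others")
    return findings


if __name__ == "__main__":
    for finding in audit_token_file() or ["no findings"]:
        print("-", finding)
```

Running it again after `kallyai logout` should report the file as not found if the CLI clears credentials as documented.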
