ClawHub

OpenClaw Voice Call Playbook

v0.1.0

Operate outbound voice calls safely with the OpenClaw voice-call plugin.

0· 27·0 current·0 all-time
byDaniel Sinewe@danielsinewe
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchasesRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the runtime instructions: the skill is an instruction-only playbook for using the OpenClaw voice-call plugin. The only required config path (plugins.entries.voice-call.enabled) and the provider credential fields listed (Twilio/Telnyx/Plivo) are appropriate for a voice-call integration.
Instruction Scope
SKILL.md confines actions to initiating/continuing/ending calls, status checks, and preflight checks. It explicitly requires user intent, destination confirmation, and recommends mock mode and retry limits. It does not instruct the agent to read unrelated system files, environment variables, or exfiltrate data to unexpected endpoints.
Install Mechanism
No install specification or code is included; this is instruction-only, so nothing is written to disk and there are no external download risks.
Credentials
The skill does not request environment variables but references provider config values (API keys/tokens, fromNumber) that are expected for this functionality. Requiring plugin config access (plugins.entries.voice-call.*) is proportionate; users should ensure those plugin credentials are stored and scoped securely.
Persistence & Privilege
always is false (good). disable-model-invocation is false (agent can invoke autonomously) — this is platform default and not by itself disqualifying, but it does mean the agent could place outbound calls without an extra manual gate unless you configure the agent or platform to require confirmation.
Assessment
This playbook appears coherent and appropriate for operating outbound calls, but review these before enabling it: 1) Ensure plugin config (provider API keys, auth tokens, fromNumber) is stored securely and scoped only to the plugin. 2) Limit agent autonomy if you do not want unattended outbound calls — require explicit user confirmation or platform gating. 3) Use provider mock mode and test scripts before live traffic to avoid accidental calls/costs. 4) Implement rate limits, retry caps, auditing (log call IDs/outcomes), and check privacy/legal requirements for call content/recording. 5) Review where webhooks/status callbacks point (they can expose call metadata) and confirm those endpoints are trusted. If you need higher assurance, ask for the plugin implementation and config storage details so you can audit where credentials are kept and how call audio/webhooks are handled.

Like a lobster shell, security has layers — review code before you run it.

callingvk9754krsxq2hkpyjmmx1d1bq5d84xn4flatestvk9754krsxq2hkpyjmmx1d1bq5d84xn4fopenclawvk9754krsxq2hkpyjmmx1d1bq5d84xn4foperationsvk9754krsxq2hkpyjmmx1d1bq5d84xn4fplivovk9754krsxq2hkpyjmmx1d1bq5d84xn4ftelnyxvk9754krsxq2hkpyjmmx1d1bq5d84xn4ftwiliovk9754krsxq2hkpyjmmx1d1bq5d84xn4fvoicevk9754krsxq2hkpyjmmx1d1bq5d84xn4f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📞 Clawdis
Configplugins.entries.voice-call.enabled

Comments