OpenPhone

v1.0.0

Manage business phone calls, SMS, and contacts via OpenPhone API. Use when asked to send a text message, list calls or messages, look up conversation history...

⭐ 0· 86·1 current·1 all-time

by@dwhite-oss

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for dwhite-oss/openphone.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "OpenPhone" (dwhite-oss/openphone) from ClawHub.
Skill page: https://clawhub.ai/dwhite-oss/openphone
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install openphone

ClawHub CLI

Package manager switcher

npx clawhub@latest install openphone

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

high confidence

ℹ

Purpose & Capability

The SKILL.md describes exactly the OpenPhone REST API endpoints you would expect for sending SMS, listing calls/messages, and managing contacts—functionality is consistent with the skill name and description. However, the SKILL.md explicitly requires OPENPHONE_API_KEY while the registry metadata lists no required env vars or primary credential, creating a mismatch.

Instruction Scope

Instructions are narrowly scoped to curl requests against https://api.openphone.com/v1 and do not reference unrelated files or endpoints. However, they directly reference the environment variable $OPENPHONE_API_KEY in every example; that env var is not declared in the skill metadata, so the runtime behavior (and what secrets the agent will access) is unclear.

✓

Install Mechanism

Instruction-only skill with no install spec and no code files. This is low-risk from an installation/execution perspective because nothing is downloaded or written to disk by an installer.

Credentials

Only one secret (an OpenPhone API key) appears necessary and is proportional to the described capabilities. The problem is that the metadata does not declare that secret; the SKILL.md does. That omission prevents proper vetting (e.g., prompting the user for a limited-scope API key) and may cause accidental exposure of a broader key.

✓

Persistence & Privilege

always:false and no install scripts or config writes are present. The skill does not request persistent system privileges or modify other skills' configuration.

What to consider before installing

Do not install or provide credentials until the metadata and the runtime instructions agree. Specifically: (1) Confirm with the publisher/source that OPENPHONE_API_KEY is required and that the registry metadata will be updated to declare it. (2) If you provide a key, use a least-privilege OpenPhone API key or a workspace-limited token, not a full account master key. (3) Verify the agent will only call api.openphone.com and will not send the key to other endpoints. (4) Consider creating and testing with a dedicated test number/key and rotate the key if it is exposed. (5) Prefer skills from a verifiable/known publisher or ask for source code before granting credentials. Minor note: examples set Authorization: $OPENPHONE_API_KEY (without a Bearer prefix); confirm the correct header format when configuring keys.

Like a lobster shell, security has layers — review code before you run it.

business-phonevk97dq47mcs21xswzs3yzxvzt5x83qyyscallsvk97dq47mcs21xswzs3yzxvzt5x83qyyslatestvk97dq47mcs21xswzs3yzxvzt5x83qyysopenphonevk97dq47mcs21xswzs3yzxvzt5x83qyysphonevk97dq47mcs21xswzs3yzxvzt5x83qyyssmsvk97dq47mcs21xswzs3yzxvzt5x83qyys

86downloads

0stars

1versions

Updated 1mo ago

v1.0.0

MIT-0

OpenPhone Skill

OpenPhone REST API base: https://api.openphone.com/v1

Auth

curl -H "Authorization: $OPENPHONE_API_KEY" \
     -H "Content-Type: application/json" \
     https://api.openphone.com/v1/...

Phone Numbers

List Your Phone Numbers

curl "https://api.openphone.com/v1/phone-numbers" \
  -H "Authorization: $OPENPHONE_API_KEY"
# Save phoneNumberId for sending messages/calls

Contacts

Search Contacts

curl "https://api.openphone.com/v1/contacts?query=John+Smith" \
  -H "Authorization: $OPENPHONE_API_KEY"

Create Contact

curl -X POST "https://api.openphone.com/v1/contacts" \
  -H "Authorization: $OPENPHONE_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "firstName": "Jane",
    "lastName": "Smith",
    "phoneNumbers": [{"number": "+15551234567"}],
    "emails": [{"address": "jane@acme.com"}],
    "company": "Acme Corp"
  }'

Messages (SMS/MMS)

Send SMS

curl -X POST "https://api.openphone.com/v1/messages" \
  -H "Authorization: $OPENPHONE_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "from": "<phoneNumberId>",
    "to": ["+15551234567"],
    "content": "Hi Jane, following up on our conversation earlier!"
  }'

List Messages (Conversation History)

curl "https://api.openphone.com/v1/messages?phoneNumberId=<id>&participants[]=+15551234567&maxResults=20" \
  -H "Authorization: $OPENPHONE_API_KEY"

Calls

List Calls

curl "https://api.openphone.com/v1/calls?phoneNumberId=<id>&maxResults=20" \
  -H "Authorization: $OPENPHONE_API_KEY"

Get Call Details (Recording + Transcript)

curl "https://api.openphone.com/v1/calls/<call_id>" \
  -H "Authorization: $OPENPHONE_API_KEY"
# Response includes: recordingUrl, transcript (if enabled), duration, direction

List Voicemails

curl "https://api.openphone.com/v1/calls?type=voicemail&phoneNumberId=<id>" \
  -H "Authorization: $OPENPHONE_API_KEY"

Call Directions

incoming, outgoing

Message Status Values

queued, sending, delivered, failed, received

Tips

phoneNumberId starts with PN — always list phone numbers first
Transcripts require call recording to be enabled in workspace settings
Rate limit: 60 req/min; batch message sends in loops with brief delays

Comments

Loading comments...