ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Phone Caller

v1.0.0

Make AI-powered outbound phone calls using ElevenLabs voice + GPT brain + Twilio. Supports one-way pre-recorded messages AND live two-way conversations where...

0· 542·0 current·0 all-time
by@omerflo
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's stated purpose (make outbound calls using Twilio + ElevenLabs with an optional GPT-driven interactive mode) matches the included scripts. However, the registry metadata claims no required env vars/credentials while SKILL.md and the scripts require multiple sensitive credentials (ELEVENLABS_API_KEY, TWILIO_ACCOUNT_SID, TWILIO_AUTH_TOKEN, TWILIO_PHONE_NUMBER, OPENAI_API_KEY and optional MASTER_PHONE). This mismatch is an integrity/information problem.
!
Instruction Scope
SKILL.md and the server.py instruct the agent/user to: run a public tunnel (localtunnel), host a webhook publicly, upload generated audio to a third-party host (tmpfiles.org) in one-way mode, and automatically send a GPT-generated summary via a local imsg CLI to MASTER_PHONE. The instructions reference /tmp paths, require reading several env vars not declared in the registry, and expose local endpoints to the internet. Those actions expand the scope beyond just 'make a call' and have privacy/exposure implications.
Install Mechanism
There is no install spec (instruction-only), which reduces installer risk. Still, the code assumes presence of Python packages (twilio, flask, openai, requests) and uses 'npx localtunnel' in instructions — none of these are declared. No remote binary downloads are scripted, but the need to run a local server and use third-party services increases operational risk.
!
Credentials
The scripts legitimately need Twilio and ElevenLabs API credentials and (for interactive mode) an OpenAI key — but the registry lists no required env vars. Additional sensitive items (MASTER_PHONE for iMessage, CALLER_PUBLIC_URL / CALLER_PORT, optional CALLER_VOICE_ID) are used but not declared. Requiring full Twilio account SID/auth token and OpenAI key is proportionate to function but still sensitive; the omission from metadata and automatic iMessage sending are notable issues.
Persistence & Privilege
always:false (normal). The skill will run a local Flask server and serve audio files from /tmp while running — this is transient but exposes local endpoints when tunneled to the public internet. The skill also invokes a local 'imsg' binary to send iMessage, which uses the host's messaging capability (sensitive). The skill does not alter other skills or system-wide configs, but running a public webhook and sending messages from the host are elevated operational privileges that users should accept explicitly.
What to consider before installing
Before installing or running this skill, consider the following: - Metadata mismatch: The registry claims no required env vars, but the SKILL.md and scripts require multiple sensitive keys (ELEVENLABS_API_KEY, TWILIO_ACCOUNT_SID/TWILIO_AUTH_TOKEN/TWILIO_PHONE_NUMBER, OPENAI_API_KEY) and a MASTER_PHONE for iMessage. Treat those keys as sensitive and confirm you are willing to provide them. - iMessage sending: server.py calls a local 'imsg' CLI to send summaries to MASTER_PHONE. That will send messages from your machine/account — only set MASTER_PHONE if you want automatic iMessage output, and verify the 'imsg' tool behavior first. - Public exposure: Interactive mode requires tunneling (localtunnel/ngrok) which exposes your local server to the internet. Only run behind a tunnel you control and on a machine you trust. Consider restricting usage to test numbers and isolated environments. - Third-party hosting: One-way mode uploads generated audio to tmpfiles.org (60m TTL). That stores audio on a third-party server; do not upload sensitive content there. Consider hosting audio yourself or using a trusted storage service. - Least privilege: Use dedicated or limited-scope API keys (Twilio subaccount, ElevenLabs key with limited usage if possible, and a separate OpenAI key) and rotate them after testing. - Platform assumptions: The code assumes availability of Python packages (twilio, flask, openai, requests) and the 'imsg' CLI (macOS). Verify these dependencies and platform compatibility. - Code review & testing: Because the skill contains executable scripts, review the source and run in a sandboxed environment (VM or isolated container) before granting real credentials or calling real phone numbers. Test with verified/test phone numbers and a Twilio trial or subaccount. If you proceed, minimize blast radius: create limited API keys, avoid using personal iMessage accounts, avoid uploading private audio to tmpfiles.org, and monitor network traffic while testing.

Like a lobster shell, security has layers — review code before you run it.

latestvk975nvmqw94528c4jecbxyg9xd81rapg
542downloads
0stars
1versions
Updated 5h ago
v1.0.0
MIT-0
@omerflo
latest
Download

phone-caller

Make AI-powered outbound calls via Twilio, voiced by ElevenLabs, with optional live GPT-powered conversation.

Two Modes

Mode 1: One-way message — Generate audio with ElevenLabs, upload it, play it on a Twilio call. Simple, fast, no server needed.

Mode 2: Interactive conversation — Start server.py, call with a webhook URL. The AI listens to responses (Twilio STT), thinks (GPT), and speaks back (ElevenLabs) in real-time. Ends with auto-summary sent via iMessage.

Required Credentials (env vars)

ELEVENLABS_API_KEY   # from elevenlabs.io
TWILIO_ACCOUNT_SID   # from console.twilio.com (starts with AC...)
TWILIO_AUTH_TOKEN    # from console.twilio.com
TWILIO_PHONE_NUMBER  # your Twilio number e.g. +12025551234
OPENAI_API_KEY       # for interactive mode brain

Mode 1: One-way Call

python3 scripts/one_way_call.py \
  --to "+13105551234" \
  --text "Hey! Just calling to say good morning." \
  --voice "tyepWYJJwJM9TTFIg5U7"   # optional, defaults to Clara (Australian female)

See references/voices.md for curated voice IDs.

Mode 2: Interactive Conversation

Step 1 — Start a tunnel (needed so Twilio can reach your server)

npx localtunnel --port 5050 --subdomain my-caller
# Note the URL: https://my-caller.loca.lt

Step 2 — Start the server

export CLARA_PUBLIC_URL="https://my-caller.loca.lt"
python3 scripts/server.py

Step 3 — Make the call

python3 scripts/interactive_call.py \
  --to "+13105551234" \
  --url "https://my-caller.loca.lt" \
  --persona "You are calling a restaurant to book a table for 2 at 8pm tonight." \
  --opening "Hi! I'd like to make a reservation for two people this evening around 8pm. Do you have availability?"

When the call ends, a GPT-generated summary is automatically sent via iMessage to MASTER_PHONE env var.

Scheduling a Call

Use macOS cron for timed calls:

# Add to crontab — this example calls at 8:45 AM
crontab -e
45 8 24 2 * python3 /path/to/scripts/one_way_call.py --to "+1..." --text "Good morning!" >> /tmp/call.log 2>&1

Voice Selection

  • Default: Clara tyepWYJJwJM9TTFIg5U7 — Australian female, warm, clear, professional
  • See references/voices.md for full curated list with IDs and descriptions

Key Notes

  • Twilio trial accounts: Can only call verified numbers. Upgrade or verify numbers at console.twilio.com → Verified Caller IDs
  • Audio hosting: Scripts use tmpfiles.org for one-off calls (60 min TTL). For scheduled calls, server.py serves audio at /audio/<file> via the tunnel
  • localtunnel: Free, no account needed. ngrok requires a free account + authtoken
  • Interactive mode latency: ~3-5s per turn (ElevenLabs TTS + GPT + audio upload). Normal for phone conversations

Comments

Loading comments...