ClawHub

AI Phone Calls (Bland AI)

v1.0.0

Make AI-powered phone calls via Bland AI - book restaurants, make appointments, inquire about services. The AI calls on your behalf and reports back with transcripts.

6· 3.4k·13 current·13 all-time
by@dru-ca
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (AI phone calls via Bland AI) align with the included scripts: phone-call.sh, check-call.sh, and bland.sh all call https://api.bland.ai/v1 and only perform phone call creation, status checks, analysis, and listing. The BLAND_API_KEY requirement is appropriate and necessary for this purpose.
Instruction Scope
SKILL.md and the scripts stay within the stated purpose (make calls, check status, retrieve transcripts). The scripts read an optional secrets file at ~/.clawd/secrets.json (as documented) and use the BLAND_API_KEY. They do not reference other system credentials or unexpected endpoints. Minor note: the scripts assume the availability of curl and jq (used heavily) but the skill metadata does not declare required binaries.
Install Mechanism
There is no install spec (instruction-only / script bundle), so nothing arbitrary is downloaded or extracted. This is low-risk. Operational gap: the scripts rely on external CLI tools (curl, jq) that are not declared in the skill requirements; the user must ensure those tools are present.
Credentials
Only BLAND_API_KEY is requested. The optional secrets file location (~/.clawd/secrets.json) is documented and used, and no other tokens, passwords, or unrelated environment variables are requested. This is proportionate for a remote-API phone-calling integration.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide agent settings, and only reads (not writes) a local secrets file. Autonomous invocation is allowed by platform default, but that is not combined with other concerning flags here.
Assessment
This skill appears to do exactly what it says (drive Bland AI calls) and only asks for a Bland API key. Before installing: 1) Verify you trust Bland.ai and understand billing/recording/privacy (calls may be recorded and billed). 2) Ensure curl and jq are installed on your agent host (the scripts use them but the registry metadata doesn't list them). 3) Store BLAND_API_KEY securely (environment variable or ~/.clawd/secrets.json as described) and avoid using a broad-purpose key if Bland supports scoped keys. 4) Review any transcript/recording URLs produced by the service before sharing externally. 5) Because the skill can be invoked autonomously by default, consider whether you want the agent to make outbound calls without explicit approval (especially if you plan to leave it enabled for agents that act autonomously). If you need higher assurance, confirm the API host and key format with Bland.ai documentation and consider running the scripts in a controlled environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk9754aynzypjbsvdg98erfcfa97zz2cp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📞 Clawdis
EnvBLAND_API_KEY

Comments