Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Show Booking
v0.1.0Book real estate showing tours from emailed or pasted listing details, including extracting listing data, preparing outbound call jobs, coordinating a callin...
⭐ 0· 640·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description align with the included scripts (parsing intake, building call queues, and producing .ics files). However, the runtime workflow explicitly delegates outbound calling to a separate 'tour-booking' sub-agent (place_outbound_call.py) and the references document mentions ElevenLabs API keys — yet the skill metadata declares no required environment variables or primary credential. That omission is disproportionate to the stated end-to-end calling capability.
Instruction Scope
SKILL.md tells the agent to run local scripts and to invoke an external sub-agent script for placing outbound calls. The provided code is local and file-based, but the calling step hands off listing metadata, client identity, and callbacks to 'tour-booking', which is not included here. That sub-agent is described as handling ElevenLabs integration (voice calls) and could transmit PII to external services. The instructions therefore implicitly permit network calls and transmission of personal data without declaring those endpoints/credentials.
Install Mechanism
There is no install spec and the code shipped is small, local Python scripts. Nothing in this package attempts to download or install external binaries; risk from the install mechanism itself is low.
Credentials
The 'integration-notes' reference required environment variables for live calls (ELEVENLABS_API_KEY, ELEVENLABS_AGENT_ID, optional ELEVENLABS_OUTBOUND_URL), but the skill's declared requirements list none. A skill that initiates outbound voice calls would legitimately need such credentials — their absence from the metadata is an incoherence that hides the need to supply sensitive keys to enable the full workflow.
Persistence & Privilege
The skill does not request always:true, system-level config paths, or persistent privileges. It reads/writes local files under paths supplied at runtime (e.g., /tmp or user-provided paths), which is consistent with its described function.
What to consider before installing
This skill's local scripts (parsing, planning, .ics creation) are coherent and low-risk, but the critical calling step is delegated to an external 'tour-booking' component that is not included and which the references say uses ElevenLabs (voice API). Before installing or running this skill: (1) confirm where 'tour-booking/scripts/place_outbound_call.py' lives and inspect its code and endpoints; (2) don't provide ELEVENLABS_API_KEY or related credentials unless you trust that sub-agent and have audited its behavior; (3) if you need to test, use the documented --dry-run mode so no live calls or external network transmission happens; (4) consider privacy and telemarketing/regulatory obligations before allowing live calls that transmit client PII; (5) request the publisher to update metadata to declare required environment variables and dependencies (so the credential access is explicit). If you cannot verify the external calling component, treat the calling/delegation portion as a potential data-exfiltration risk and avoid enabling live-call execution.Like a lobster shell, security has layers — review code before you run it.
callingvk970necmvw7z36aa4rr9pksfsx8178gglatestvk970necmvw7z36aa4rr9pksfsx8178ggreal-estatevk970necmvw7z36aa4rr9pksfsx8178gg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.