Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Vapi Skill
v0.1.0
Manage Vapi voice assistants, calls, phone numbers, tools, and webhooks via Vapi REST API or CLI commands within OpenClaw.
by Colin Lowenburg (@colygon)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (high confidence)

Purpose & Capability
SKILL.md describes managing Vapi assistants, calls, phone numbers, tools, and webhooks — which is coherent with needing a Vapi API key. However the package metadata lacks a description and declares no required env vars or code files, while the README references a helper script (skills/vapi/bin/vapi-api.mjs) that is not present in the manifest. The absence of the promised helper file and missing description/metadata are inconsistent with the claimed capability.
Instruction Scope
Runtime instructions ask the agent/operator to supply VAPI_API_KEY, run a Node helper script (examples use skills/vapi/bin/vapi-api.mjs), and optionally install the Vapi CLI. The skill doc also instructs running external install scripts (curl -sSL https://vapi.ai/install.sh | bash). The SKILL.md therefore directs agent operators to install and run external code and to export secrets — but the bundle does not contain the referenced helper script, creating a gap between instructions and delivered artifacts.
Install Mechanism
There is no formal install spec in the package, but SKILL.md recommends installing the Vapi CLI by piping a remote install.sh from vapi.ai into bash (curl | bash). That pattern is high-risk because it runs remote code without local inspection. The skill also refers to a local Node helper that is not present in the skill bundle, so it's unclear whether users are expected to fetch code from external locations.
Credentials
The registry metadata lists no required env vars, yet SKILL.md clearly requires a VAPI_API_KEY (and optionally VAPI_MODE). Requesting a single API key is proportionate to the stated functionality; the problem is the metadata/manifest failing to declare that secret and the skill instructing users to place secrets in their shell or gateway. This mismatch is an incoherence that could lead to unexpected secret handling.
Persistence & Privilege
The skill does not request persistent presence (always:false) and does not declare modifications to other skills or system-wide settings. It does instruct users to store the API key as an env var or gateway secret, which is normal for an API-integration skill.
What to consider before installing
This skill appears to be intended for managing Vapi voice agents, which would legitimately need a VAPI_API_KEY — but the bundle is inconsistent: the manifest contains only SKILL.md, yet the docs reference a local helper script that is not included and recommend running a remote install script via curl | bash. Before installing or using this skill:
1) Confirm whether the missing helper file (skills/vapi/bin/vapi-api.mjs) should be included; ask the publisher for the full package or source.
2) Do not run curl | bash on production machines without inspecting the script; prefer installing from a vetted package or from the official GitHub release.
3) Provide the VAPI_API_KEY only via a secure gateway secret or a credentials manager — do not paste it into logs or chat.
4) If you must test, run in an isolated environment (container/VM) and inspect any downloaded scripts and the helper code.
5) Ask the skill author to update registry metadata to declare required env vars and to either include the helper script or provide exact, verifiable URLs for it.
These steps will reduce risk and resolve the current inconsistencies.
