ClawHub

OpenClaw Phone Receipt

v1.0.1

Trigger and manage OpenClaw outbound phone receipts via ElevenLabs+Twilio for task completion/failure notifications. Use when user asks to call them after finishing/failing a task, asks to enable/disable fixed command toggles ("phone-receipt=on/off"), asks to test call quality, or asks to persist phone receipt behavior across sessions.

0· 979·0 current·0 all-time
by@tuofangzhe
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's files and SKILL.md implement outbound calls via ElevenLabs (and rely on a Twilio import step). However the registry metadata declares no required environment variables or primary credential despite the scripts and docs requiring ELEVENLABS_API_KEY, ELEVENLABS_AGENT_ID, ELEVENLABS_OUTBOUND_PHONE_ID, and TO_NUMBER (and the setup doc also references TWILIO_ACCOUNT_SID and TWILIO_AUTH_TOKEN). That mismatch is unexpected and incongruent with the skill's stated requirements.
Instruction Scope
SKILL.md confines actions to toggling a JSON state file (memory/phone-receipt-state.json) and invoking scripts to trigger calls. The trigger_call.sh sends a POST to ElevenLabs' convai/twilio/outbound-call endpoint using ELEVENLABS_API_KEY and env values; it does not attempt to read unrelated system files. Persisting state to workspace memory is expected for this feature.
Install Mechanism
There is no install spec (instruction-only skill with two small helper scripts). Nothing is downloaded or extracted from third-party URLs; risk from install mechanism is low.
!
Credentials
The skill actually requires sensitive API keys and a target phone number (ElevenLabs keys/IDs and TO_NUMBER) and the setup doc asks for Twilio credentials, but the registry metadata lists no required env vars or primary credential. Requiring API keys for outbound calls is expected, but failing to declare them in the manifest is an inconsistency that could hide the need to provide secrets. Confirm what secrets will be supplied and whether API key scopes are restricted.
Persistence & Privilege
The skill persists a small JSON state file under memory/phone-receipt-state.json and is not marked always:true. It does not modify other skills or system-wide configs. Autonomous invocation is allowed (platform default) but not excessive on its own.
What to consider before installing
This skill does what it claims (initiate outbound phone calls via ElevenLabs/Twilio) but the package metadata did not list the sensitive environment variables the scripts actually use. Before installing or supplying keys: (1) verify you trust the developer/source, (2) ensure you only provide an ElevenLabs API key with minimal required scopes (ConvAI read) and use a throwaway/test phone number when testing, (3) store .env files securely (avoid committing them), (4) understand that Twilio/ElevenLabs calls may incur cost and may require verified numbers, and (5) prefer adding the required env vars to the manifest or ask the publisher why the registry metadata omits them. If you cannot confirm these points, treat this skill with caution and avoid providing production credentials.

Like a lobster shell, security has layers — review code before you run it.

automationvk97d7gdvvp1ffsh0p2ee42kat580tryfelevenlabsvk97d7gdvvp1ffsh0p2ee42kat580tryflatestvk97d7gdvvp1ffsh0p2ee42kat580tryfphonevk97d7gdvvp1ffsh0p2ee42kat580tryftelegramvk97d7gdvvp1ffsh0p2ee42kat580tryftwiliovk97d7gdvvp1ffsh0p2ee42kat580tryf
979downloads
0stars
2versions
Updated 1mo ago
v1.0.1
MIT-0
@tuofangzhe
automationelevenlabslatestphonetelegramtwilio
Download

OpenClaw Phone Receipt

Use this skill to manage phone callback notifications.

Commands to honor

  • phone-receipt=on → enable phone receipt policy
  • phone-receipt=off → disable phone receipt policy

State file:

  • memory/phone-receipt-state.json

Default behavior

  1. If user asks for callback on completion/failure, set enabled=true.
  2. Default policy is now:
    • policy.onComplete=false
    • policy.onFailure=true
    • policy.onUrgent=true
  3. Persist state to memory/phone-receipt-state.json.
  4. For immediate test call, run scripts/trigger_call.sh.

Delivery strategy (must follow)

  • Phone call only when:
    1. task failed, OR
    2. user explicitly marks task as urgent (e.g., “urgent/high-priority”).
  • All other non-urgent successful tasks:
    • send Telegram text summary only (no phone call).

When phone is not required by policy, use message delivery (Telegram text) as default receipt path.

Tools/scripts

  • Toggle state:
    • python3 skills/openclaw-phone-receipt/scripts/set_phone_receipt_state.py on
    • python3 skills/openclaw-phone-receipt/scripts/set_phone_receipt_state.py off
  • Trigger call now:
    • bash skills/openclaw-phone-receipt/scripts/trigger_call.sh

Call prerequisites

Requires .env.elevenlabs-call with:

  • ELEVENLABS_AGENT_ID
  • ELEVENLABS_OUTBOUND_PHONE_ID
  • TO_NUMBER

ELEVENLABS_API_KEY can come from shell env or .env.elevenlabs-call.

For full setup (Twilio purchase/verify, ElevenLabs import, key scopes, troubleshooting), read:

  • references/setup.md

For ClawHub upload checklist (version/changelog/size requirements), read:

  • references/publish-clawhub.md

Failure handling

If call fails, return concise root cause and next action:

  • unverified target number (Twilio trial)
  • missing ConvAI scope (convai_read)
  • missing agent/phone ids

Comments

Loading comments...