Supercall
Pass
Audited by VirusTotal on May 12, 2026.
Findings (1)
The skill is classified as suspicious due to its inherent high-risk capabilities and a potential vulnerability. It explicitly spawns external processes (`ngrok`, `tailscale` CLI binaries) for tunneling, opens a local HTTP server, makes outbound network requests to Twilio and OpenAI, and persists sensitive call transcripts to disk (`~/clawd/supercall-logs`). While these actions are documented and necessary for its stated purpose of AI-powered phone calls, the `src/manager.ts` file contains a self-test mechanism that sends an internal `selfTestSecret` to the configured `publicUrl`. If `publicUrl` is misconfigured to an unintended external endpoint, this secret could be unintentionally exfiltrated, representing a vulnerability. There is no clear evidence of intentional malicious behavior such as unauthorized data exfiltration, backdoors, or prompt injection against the OpenClaw agent itself; the internal prompts are designed to guide the AI model's behavior during calls.
