TeddyMobile Vox Phone Notification
Pass
Audited by VirusTotal on May 13, 2026.
Overview
Type: OpenClaw Skill
Name: teddymobile-vox-phone-notification
Version: 1.0.0
The skill bundle provides a legitimate integration for the TeddyMobile Vox outbound phone notification service. It includes well-documented logic for natural language parsing (chat-to-notification.js), HMAC-SHA256 request signing (hmac-outbound-client.js), and a standard credential loading mechanism that checks environment variables and a service-specific local file (~/.teddymobile/credentials.json). All network activity is directed to the official platform domain (vox.teddymobile.cn), and there is no evidence of data exfiltration, unauthorized execution, or malicious prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A configured runtime could place phone calls to supplied numbers, which may have cost, privacy, or abuse implications if triggered incorrectly.
The helper can submit outbound phone-notification requests to the provider API, which is the stated purpose but is still a real external side effect.
const response = await fetchImpl(`${baseUrl}${path}`, { method: 'POST', ... body: JSON.stringify(requestBody) });
Require clear user or business authorization before each call, validate the phone number and message, and add rate limiting or allowlists for production use.
Anyone with access to those credentials may be able to use the TeddyMobile account’s outbound notification capability.
The skill requires TeddyMobile app credentials and a bot/outbound number to act on the user's provider account; this is disclosed and purpose-aligned.
Configure those credentials with environment variables or a local file such as `~/.teddymobile/credentials.json`.
Store credentials outside source control, restrict file permissions, rotate secrets if exposed, and grant only the TeddyMobile capabilities needed for notifications.
If a hosted zip URL is replaced or served from an untrusted source, users could install a different skill than the one reviewed here.
The release guidance supports installing from a custom hosted zip URL, which is normal for this distribution model but depends on the integrity of that hosted package.
Upload the zip to a stable HTTPS URL ... public HTTPS access ... direct download without login
Install only from trusted URLs, compare the downloaded contents to the reviewed package, and prefer signed or checksummed releases where available.
Stored notification records may contain phone numbers and business details that should not be retained longer than necessary or reused for unrelated tasks.
The integration template suggests persisting phone numbers and business notification context for callback correlation; this is useful but creates stored sensitive context.
Before calling TeddyMobile, save a record keyed by `requestId`. Suggested fields: `requestId`, `callee`, `task`, `variables`, `status`, `createdAt`
Define retention, access controls, and deletion for notification context, and avoid storing unnecessary message content.
If deployed publicly without verification, unrelated callers could reach the callback endpoint and potentially trigger callback processing or agent work.
The optional callback example accepts provider webhook-style POSTs and streams SSE responses, but the sample does not show origin, signature, or authentication checks.
app.post('/vox/callback', async (req, res) => { const body = req.body || {}; ... res.setHeader('Content-Type', 'text/event-stream');
Treat the callback server as an example only; in production, verify TeddyMobile callback authenticity, use HTTPS, restrict network access where possible, and avoid trusting callback text as authoritative instructions.
