Advanced AI voice assistant for phone calls. Capable of persuasion, sales, restaurant bookings, reminders, and notifications.
Security Analysis
medium confidenceThe skill's code, required environment variables, and runtime instructions are coherent with a telephony/voice-call assistant, but it requires exposing a local webhook to the public internet and the repository/source metadata is unclear — review those before installing.
Name/description (AI phone call assistant) align with requested env vars (VAPI_API_KEY, ASSISTANT_ID, PHONE_NUMBER_ID, WEBHOOK_BASE_URL), required binary (python3), and the included Python script which posts to api.vapi.ai to create calls. The resources requested are proportional to the stated functionality.
SKILL.md and the script instruct the agent to open a local HTTP server and require the host to be reachable from the internet (via cloudflared/ngrok or direct exposure). This is necessary for real-time webhooks but is a meaningful operational risk: it grants inbound network access and requires the user to configure public tunnels or port forwarding.
No download/install spec; the skill is instruction + a small Python script. package.json only sets executable bit for the script and lists 'requests' (expected). No remote archives or opaque install steps are used.
All required environment variables are directly related to Vapi telephony operation. Optional vars (WEBHOOK_PORT, VAPI_LLM_PROVIDER, VAPI_LLM_MODEL) are documented in SKILL.md. The skill needs an API key (sensitive) and a public webhook URL — both justified by the service but should be scoped to a dedicated account/key if possible.
The skill does not request 'always:true' or privileged platform-wide settings. It writes logs to ~/.openclaw/workspace/logs/vapi-calls which is expected for call records; consider filesystem permissions and retention. The agent runs a temporary HTTP server during calls — no long-term background daemon or config changes beyond the log files.
Guidance
This skill appears to do what it says (make autonomous AI phone calls) and its required env vars match that purpose. Before installing: 1) Understand you must expose a local webhook endpoint (ngrok/cloudflared or open port) — this increases attack surface; prefer a dedicated tunneling session and firewall rules that only forward the webhook port. 2) Use a dedicated Vapi API key/account with minimal privileges and rotate/delete the key if you stop using the skill. 3) Verify the skill's source: registry metadata lists 'source: unknown' and homepage missing, even though SKILL.md references a GitHub repo — confirm the upstream repository and maintainer before trusting the code. 4) Review and secure the directory where logs are written (~/.openclaw/workspace/logs/vapi-calls) because call transcripts and summaries may contain sensitive data. 5) If you cannot accept exposing a webhook endpoint or providing an API key, do not install. If you proceed, run in an isolated environment (VM or container) and limit network exposure.
Latest Release
v1.0.4
- Updated skill name to "vapi-calls" and enhanced description for clarity. - Expanded documentation in SKILL.md with detailed setup, configuration, and troubleshooting guidance. - Clarified environment variables and webhook/public URL requirements for real-time call updates. - Improved tool schema and parameter descriptions for easier integration. - No breaking changes to functionality; documentation and onboarding improvements.
More by @MrsZ
Published by @MrsZ on ClawHub
