zzz

The skill is an AI telephony assistant and requests a Vapi API key, assistant ID, phone-number ID, and a public webhook URL; these are appropriate and expected for making/receiving telephony callbacks. Required binary (python3) and requests dependency are proportional. Minor metadata inconsistency: skill name in the registry input ('zzz') doesn't match SKILL.md/package (vapi-calls), and package.json lists envs but registry primary credential is 'none' despite VAPI_API_KEY being required.

SKILL.md and the included script explicitly instruct the agent to start an HTTP server and require the host machine be reachable from the internet (Cloudflare Tunnel/ngrok). The runtime code only reads the declared environment variables (plus optional LLM provider/model), calls the documented API endpoint (https://api.vapi.ai/call), handles webhooks for the expected call ID, and writes per-call JSON logs under ~/.openclaw/workspace/logs. No instructions to read other system files or unrelated credentials were found, but the requirement to expose a local port is a meaningful operational risk that users must evaluate.

This is instruction-only with a small Python script bundled. No external download URLs or archive extraction are used; package.json runs a chmod on the script during postinstall. No high-risk install mechanism detected.

Required env vars (VAPI_API_KEY, VAPI_ASSISTANT_ID, VAPI_PHONE_NUMBER_ID, WEBHOOK_BASE_URL) are relevant to telephony and appear justified. Optional VAPI_LLM_PROVIDER and VAPI_LLM_MODEL are reasonable. One minor inconsistency: the registry metadata lists no primary credential while the skill clearly depends on a sensitive API key (VAPI_API_KEY).

The skill does not request always:true and does not modify other skills. It spawns an HTTP server bound to 0.0.0.0 on a user-specified port and writes call logs under the user's home directory; this is expected for a webhook-based telephony skill but is a persistence/attack surface consideration (open port, reachable webhook).