← Back to Skills Marketplace
britrik

Elevenlabs Twilio Memory Bridge

by Britrik · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
1058
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install elevenlabs-twilio-memory-bridge
Description
FastAPI personalization webhook that adds persistent caller memory and dynamic context injection to ElevenLabs Conversational AI agents on Twilio. No audio proxying, file-based persistence, OpenClaw compatible.
README (SKILL.md)

elevenlabs-twilio-memory-bridge

Personalization webhook service for ElevenLabs + Twilio voice agents with persistent caller memory.

What It Does

When a call arrives on your Twilio number, ElevenLabs' native integration triggers this webhook. The bridge looks up the caller's history, loads long-term memory facts and daily context notes, combines them with a customizable soul/personality template, and returns everything as a system prompt override so your agent greets each caller with full context.

Architecture

  • No audio proxying - ElevenLabs and Twilio handle media directly
  • Webhook only - called once per inbound call to inject context
  • File-based persistence - JSON files in ./data/, zero external dependencies
  • OpenClaw compatible - works with any OpenAI-compatible LLM endpoint

Endpoints

Endpoint Method Purpose
/webhook/personalize POST ElevenLabs calls this on inbound call
/webhook/post-call POST Optional post-call cleanup
/api/memory/{phone_hash} POST Add long-term fact about a caller
/api/notes POST Add global or caller-scoped context note
/health GET Health check

Setup

  1. Clone repo, pip install -r requirements.txt
  2. Copy .env.example to .env, fill in secrets
  3. Configure ElevenLabs agent with Custom LLM pointing to your OpenClaw instance
  4. Enable system prompt + first message overrides in agent Security settings
  5. Add webhook URL https://your-domain/webhook/personalize in ElevenLabs settings
  6. Import Twilio number in ElevenLabs dashboard
  7. Run: uvicorn app:app --host 0.0.0.0 --port 8000

Required Environment Variables

  • ELEVENLABS_API_KEY - scoped ElevenLabs key
  • ELEVENLABS_AGENT_ID - your agent ID
  • OPENCLAW_API_BASE_URL - your OpenClaw instance URL
  • PUBLIC_BASE_URL - publicly reachable URL of this service

Security

  • All caller phone numbers are SHA-256 hashed before storage/logging
  • Secrets loaded exclusively from environment variables
  • Optional HMAC webhook signature verification
  • Safe for public GitHub repos, no secrets in source
Usage Guidance
This implementation appears to do what it says, but take care before deploying: - Metadata mismatch: the registry listing claims no required env vars, but SKILL.md and manifest.json require ELEVENLABS_API_KEY, ELEVENLABS_AGENT_ID, OPENCLAW_API_BASE_URL, PUBLIC_BASE_URL (and optional WEBHOOK_SECRET). Treat the manifest/SKILL.md as authoritative and correct the registry metadata if you publish. - Mandatory webhook verification: set WEBHOOK_SECRET and configure the same secret in ElevenLabs so the service verifies HMAC signatures. Without this, anyone can POST to /webhook/personalize and mimic ElevenLabs. - Protect admin endpoints: /api/memory/{phone_hash} and /api/notes allow adding content that will be injected into the system prompt. These endpoints have no authentication in the provided code — run the service behind a firewall/reverse-proxy and require authentication (API key, IP allowlist, or at minimum basic auth) or remove these endpoints in public deployments. - Audit the soul_template: it contains sensitive personal details (names, health, family) — review and remove or sanitize any PII you don't want stored or exposed in a public repo or public endpoint. - Use TLS and network controls: run behind TLS (Cloudflare Tunnel, nginx with TLS), restrict access to known ElevenLabs IPs if possible, and put the service on a private network or auth-protected endpoint. - File permissions and backups: DATA_DIR holds persistent memories — ensure correct filesystem permissions, encryption at rest if needed, and retention/erasure policies for privacy compliance. - Least-privilege API keys: use scoped ElevenLabs/OpenClaw keys and rotate them regularly. If you harden the webhook (enforce HMAC, authenticate admin endpoints, and restrict network access) and correct the listing metadata, the skill is coherent with its stated purpose. Without those mitigations it presents a real risk of remote prompt injection and data manipulation.
Capability Analysis
Type: OpenClaw Skill Name: elevenlabs-twilio-memory-bridge Version: 1.0.0 The skill is a FastAPI application designed to act as a personalization webhook for ElevenLabs conversational AI agents. It uses file-based persistence for caller memory and notes within a designated `./data` directory, hashes phone numbers for privacy, and includes HMAC webhook signature verification. All file operations and network interactions are aligned with its stated purpose of injecting context into an LLM. There is no evidence of data exfiltration, malicious execution, persistence mechanisms beyond its own data files, or prompt injection against the OpenClaw agent itself. The instructions in SKILL.md and README.md are for user setup, and the `soul_template.md` is for prompt engineering the target LLM, not for subverting the OpenClaw platform.
Capability Assessment
Purpose & Capability
The code implements a FastAPI webhook that assembles a system prompt from a soul template, per-caller session state, memories, and notes — this aligns with the skill's stated purpose. However the registry metadata (top-level summary) claims 'Required env vars: none' and 'Primary credential: none', while SKILL.md and manifest.json declare ELEVENLABS_API_KEY, ELEVENLABS_AGENT_ID, OPENCLAW_API_BASE_URL, PUBLIC_BASE_URL (and optional WEBHOOK_SECRET). That metadata mismatch is inconsistent and should be corrected.
Instruction Scope
SKILL.md and the code instruct running a public webhook that persists JSON under ./data and exposes endpoints to add memories/notes. The code does not require authentication for the admin API endpoints (/api/memory/{phone_hash}, /api/notes) and the personalization webhook signature verification is optional (depends on WEBHOOK_SECRET). If the webhook secret is not set or endpoints are publicly reachable without further restrictions, an attacker can post arbitrary memory/notes which are injected into the system prompt (direct prompt injection of the agent). The instructions do recommend setting WEBHOOK_SECRET and TLS but do not mandate or show how to enforce authenticated access for the memory/notes endpoints.
Install Mechanism
No high-risk install mechanism is present: repository contains requirements.txt and typical pip install instructions. There are no downloads from untrusted URLs or extract steps. The skill is distributed as source files; install risk is standard for a Python web app.
Credentials
Requested environment variables (ELEVENLABS_API_KEY, ELEVENLABS_AGENT_ID, OPENCLAW_API_BASE_URL, PUBLIC_BASE_URL, optional WEBHOOK_SECRET, DATA_DIR, etc.) are appropriate for the described integration. The inconsistency is that the registry metadata claims none are required while manifest.json and SKILL.md list them — this is an incoherence in metadata, not the runtime behavior. The soul_template.md contains highly personal context (named individual 'Richard', family details) which is expected for personalization but is sensitive and should be reviewed before publishing or deploying.
Persistence & Privilege
The service writes persistent JSON files under DATA_DIR (./data by default) for sessions, memories, and notes. This is proportional to the feature (file-backed persistence). always:true is not set. The skill does not request elevated system privileges or attempt to modify other skills/configs. Ensure proper filesystem permissions and that the data directory is protected and backed up/erased per privacy requirements.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install elevenlabs-twilio-memory-bridge
  3. After installation, invoke the skill by name or use /elevenlabs-twilio-memory-bridge
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of elevenlabs-twilio-memory-bridge. - Adds persistent, file-based caller memory to ElevenLabs + Twilio voice agents. - Injects dynamic, personalized context and long-term memory at each call via FastAPI webhook. - No audio proxying; only context injection through system prompt overrides. - Fully compatible with OpenClaw and any OpenAI API-compatible LLM. - Exposes endpoints for memory/notes management, post-call cleanup, and health check. - Secure by design: hashes caller info, loads secrets from environment, optional HMAC verification.
v0.1.0
Initial public release of elevenlabs-twilio-memory-bridge: - Adds persistent caller memory, dynamic context injection, and session continuity for ElevenLabs Conversational AI agents via Twilio. - Implements lightweight FastAPI webhook architecture with no audio proxying. - Supports JSON file-based storage in ./data/ for zero external dependencies. - Compatible with OpenClaw and any OpenAI-compatible LLM backend. - Provides endpoints for personalization, memory management, and health checking. - Secures caller identity using SHA-256 hashing; all secrets via environment variables.
Metadata
Slug elevenlabs-twilio-memory-bridge
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Elevenlabs Twilio Memory Bridge?

FastAPI personalization webhook that adds persistent caller memory and dynamic context injection to ElevenLabs Conversational AI agents on Twilio. No audio proxying, file-based persistence, OpenClaw compatible. It is an AI Agent Skill for Claude Code / OpenClaw, with 1058 downloads so far.

How do I install Elevenlabs Twilio Memory Bridge?

Run "/install elevenlabs-twilio-memory-bridge" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Elevenlabs Twilio Memory Bridge free?

Yes, Elevenlabs Twilio Memory Bridge is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Elevenlabs Twilio Memory Bridge support?

Elevenlabs Twilio Memory Bridge is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Elevenlabs Twilio Memory Bridge?

It is built and maintained by Britrik (@britrik); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments