VAPI Calls

Advanced AI voice assistant for phone calls. Capable of persuasion, sales, restaurant bookings, reminders, and notifications.

This skill appears to do what it says (make autonomous phone calls), but take these precautions before installing/using it: - Understand the network exposure: you must provide a publicly reachable WEBHOOK_BASE_URL (via ngrok, Cloudflare Tunnel, or a public server). That means inbound traffic will reach a server running on your machine; only do this from systems you control and trust. - Protect the API key: VAPI_API_KEY is sent in Authorization headers to api.vapi.ai. Treat it as a secret — use an account/key with limited scope and rotate/revoke keys if needed. - Verify the source: SKILL.md references a GitHub repo, but the skill's homepage/source are listed as unknown. If you plan to use it in production, inspect the repository or author history to confirm authenticity. - Packaging mismatch: SKILL.md asks for pip 'requests' and the code is Python, but package.json lists an npm dependency and a postinstall chmod. This is likely harmless leftover, but verify installation steps and avoid running untrusted package managers or scripts without review. - Legal and ethical considerations: automated calls (sales, persuasion) have regulatory and consent implications in many jurisdictions. Ensure recipients have provided consent and you understand applicable laws and platform billing. - Isolation: run first in an isolated/test environment (VM/container) and use ephemeral/test credentials. Check the logs written under ~/.openclaw/workspace/logs/vapi-calls to confirm expected behavior. If any of the above is unacceptable or you cannot verify the upstream source, treat the skill as untrusted and do not provide production credentials or expose sensitive systems to it.

Type: OpenClaw Skill Name: vapi-calls Version: 1.0.0 The skill is classified as suspicious primarily due to its explicit requirement for the user's machine to be publicly reachable from the internet via a webhook URL and port (default 4430), as detailed in `SKILL.md` and implemented in `scripts/vapi_calls.py`. While this is necessary for the skill's stated purpose of receiving real-time call updates from Vapi.ai, it introduces a significant security risk by exposing a port on the user's machine to the internet. The skill otherwise appears to function as described, making API calls to `https://api.vapi.ai` and logging call results locally, without evidence of intentional malicious behavior like data exfiltration to unauthorized endpoints, persistence mechanisms, or direct prompt injection against the OpenClaw agent.