← 返回 Skills 市场
134
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install gv-caller
功能描述
使用 Google Voice 自动拨打电话并播放 AI 生成的语音(TTS)或本地音频。
使用说明 (SKILL.md)
gv-caller 📞
一个让你的 OpenClaw Agent 具备物理外呼能力的黑科技插件。它通过无头浏览器(Puppeteer)直接驱动 Google Voice 网页端,实现低成本、自动化的语音通话。
✨ 核心特性
- 自动拨号:支持全球号码拨打(遵循 Google Voice 费率)。
- 音频注入:支持将 AI 生成的语音(TTS)或本地
.wav文件直接“灌入”通话,对方接听即可听到。 - 自然语言交互:直接对 Agent 说“给主人打个电话说开会了”,即可自动触发。
- 持久会话:通过 Cookie 注入,无需反复登录验证。
🛠️ 前置要求
- Google Voice 账户:且账户内有足够余额(拨打非美加号码)。
- 环境依赖:
chromium浏览器ffmpeg(用于音频转码)puppeteer-core(Node.js 库)
- 认证信息:需在技能目录下准备好
google_voice_cookies.json。
🚀 快速开始
1. 自动提取信息拨打
直接在飞书/控制台对 Agent 说:
"打电话给 +8615912345678 告诉他文档已经写好了。"
2. 命令行手动调用
# 拨打并朗读指定文字
openclaw skills run gv-caller -- --number +86159xxxx --text "你好,任务已完成"
# 拨打并播放本地音频文件
openclaw skills run gv-caller -- --number +86159xxxx --audio /tmp/music.wav --duration 30
⚙️ 配置说明
| 参数 | 必填 | 默认值 | 说明 |
|---|---|---|---|
--number |
✅ | - | 目标号码 (E.164格式) |
--text |
❌ | - | 要朗读的文本,支持自动 TTS 转语音 |
--audio |
❌ | - | 本地音频路径 (建议 16k/44.1k wav) |
--duration |
❌ | 60 | 通话保持时长 (秒) |
⚠️ 安全与隐私
- 请妥善保管
google_voice_cookies.json,其中包含您的 Google 账户访问权限。 - 请遵守当地法律法规,严禁将本工具用于骚扰、电信诈骗或任何非法用途。
Author: Joe & OpenClaw Assistant License: MIT
安全使用建议
This skill does what it claims (automated Google Voice calling with injected audio), but there are several red flags you should resolve before installing or running it:
- Protect your Google credentials: the engine reads a cookie file with account session cookies. Confirm where you will store google_voice_cookies.json and avoid putting it in shared/root workspaces. The code currently reads '/root/.openclaw/workspace/google_voice_cookies.json' (hardcoded) — ask the author to make this path configurable or change it to the skill directory before use.
- Verify dependencies: you must install Node.js, puppeteer-core (and matching Chromium), ffmpeg, and provide the 'openclaw tts' CLI the script expects. The registry metadata does not declare these; ensure they are present and trustworthy.
- Run in isolation: because the skill automates a real Google account and uses session cookies, test it in an isolated environment or with a throwaway Google Voice account to avoid accidental exposure or misuse.
- Review and/or patch code: the hardcoded '/usr/bin/chromium' path and '/root/.openclaw/workspace/...' cookie location are brittle and surprising. Change these to configurable options (read from the skill's directory or arguments) and avoid requiring root paths.
- Legal/ethical caution: automated outbound calling may be subject to local laws and abuse policies; do not use for harassment or fraud.
If the author provides a fixed release that (a) declares required binaries/dependencies, (b) makes the cookie path configurable and documented, and (c) does not read root/shared workspaces by default, this would substantially reduce the concerns.
功能分析
Type: OpenClaw Skill
Name: gv-caller
Version: 1.0.1
The skill automates Google Voice calls via Puppeteer but contains a shell injection vulnerability in `bin/call.sh`, where the `$TEXT` variable is passed to a command without sanitization, potentially allowing arbitrary command execution. It also hardcodes a path to sensitive session data (`/root/.openclaw/workspace/google_voice_cookies.json`) and uses high-risk browser flags like `--use-file-for-fake-audio-capture` to inject audio into telephony streams, which are capabilities that could be easily abused for unauthorized execution or spam.
能力评估
Purpose & Capability
The code and docs consistently implement Google Voice dialing with audio injection via Puppeteer and a virtual microphone, which matches the advertised purpose. However, the skill metadata lists no dependencies while SKILL.md and the scripts require chromium, ffmpeg, puppeteer-core, and an OpenClaw TTS CLI — this is a mismatch.
Instruction Scope
SKILL.md instructs the user to place google_voice_cookies.json in the skill directory, but lib/engine.js reads cookies from a hardcoded path '/root/.openclaw/workspace/google_voice_cookies.json'. The engine also reads/writes files under /tmp (TTS outputs and screenshots) and expects an 'openclaw tts' CLI to exist; these file/CLI accesses are not declared in the skill's "Requirements" section and broaden the skill's scope unexpectedly.
Install Mechanism
There is no install spec (instruction-only install), which minimizes installation risk. But runtime requires Node.js modules (puppeteer-core) and native binaries (chromium, ffmpeg); these are not enforced by the registry metadata and must be installed by the user.
Credentials
No environment variables or config paths are declared, yet the code requires and reads a sensitive cookie file containing Google session credentials. The cookie path is hardcoded to a root-owned workspace location, which could give the skill access to credentials in a location the user didn't expect. Also the skill relies on an external 'openclaw tts' command and generated files under /tmp, none of which are declared.
Persistence & Privilege
always:false (normal), but the skill reads a cookie file from a shared-looking root workspace path: '/root/.openclaw/workspace/google_voice_cookies.json'. That hardcoded path could access credentials or artifacts created by other components or users on the host, which is a privilege concern even though the skill does not explicitly persist itself or alter other skills.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install gv-caller - 安装完成后,直接呼叫该 Skill 的名称或使用
/gv-caller触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Initial release documentation update and changelog addition.
v1.0.0
Initial release of Google Voice automated calling with AI voice injection.
元数据
常见问题
Gv Caller 是什么?
使用 Google Voice 自动拨打电话并播放 AI 生成的语音(TTS)或本地音频。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 134 次。
如何安装 Gv Caller?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install gv-caller」即可一键安装,无需额外配置。
Gv Caller 是免费的吗?
是的,Gv Caller 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Gv Caller 支持哪些平台?
Gv Caller 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Gv Caller?
由 joe12801(@joe12801)开发并维护,当前版本 v1.0.1。
推荐 Skills