Pine Voice

Give your agent a real phone. It dials, waits on hold, negotiates your bills, and returns a full transcript.

This skill appears to do what it says, but it requires you to: (1) Create/sign in to a Pine account and provide the verification code (the scripts store an access token at ~/.pine-voice/credentials.json). (2) Supply potentially sensitive callee_context (account numbers, payment info, authentication data) which will be transmitted to Pine's servers as part of the call. Before installing or using: verify the domain (19pine.ai) and the API endpoints you expect; decide whether you're comfortable transmitting any sensitive data to this external service; consider creating a Pine account with minimal permissions or a separate test account; delete ~/.pine-voice/credentials.json when you no longer want the skill to have access; and avoid sending full payment card numbers or passwords in call context unless you accept that they will be sent to Pine. If you have concerns about the 'staging' gateway hostname, ask the skill author for confirmation or a production endpoint.

Type: OpenClaw Skill Name: pine-voice Version: 1.2.2 The OpenClaw AgentSkills bundle 'pine-voice' is classified as benign. Its purpose is to enable the AI agent to make phone calls on behalf of the user, which inherently involves handling and transmitting sensitive information (e.g., account details, negotiation objectives) to the `19pine.ai` service, as explicitly stated in `SKILL.md`. The local storage of API credentials in `~/.pine-voice/credentials.json` is handled securely with `0o600` permissions, and all network communications are directed to the documented `19pine.ai` endpoints. There is no evidence of unauthorized data exfiltration, malicious execution, persistence mechanisms, obfuscation, or deceptive prompt injection attempts against the agent. The instructions in `SKILL.md` are clear, transparent, and directly aligned with the skill's stated functionality.