← 返回 Skills 市场
Tour Booking
作者
danielfoch
· GitHub ↗
· v0.1.0
693
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install tour-booking
功能描述
Sub-agent for outbound listing-office calls to request and confirm property showing slots using a provided call script and structured payloads. Use when a pa...
安全使用建议
This skill implements outbound phone calls and will send job data (client name, address, phone, timezone and other metadata) to ElevenLabs when run in live mode. The bundle and SKILL.md do not declare the two required env vars (ELEVENLABS_API_KEY and ELEVENLABS_AGENT_ID) in the registry metadata — that mismatch reduces transparency. Before enabling live calls: 1) Keep to dry-run mode for testing. 2) Review the included scripts (prepare_call_payload.py and place_outbound_call.py) yourself to confirm what fields are sent. 3) Only provide ELEVENLABS credentials in a secure environment, and consider using credentials with limited scope. 4) Do not set ELEVENLABS_OUTBOUND_URL to an untrusted endpoint (it can redirect where PII is sent). 5) If you need higher assurance, ask the publisher to update the registry metadata to declare required env vars and provide an authoritative homepage/source, or run the skill in an isolated environment first.
功能分析
Type: OpenClaw Skill
Name: tour-booking
Version: 0.1.0
The skill is classified as suspicious due to significant vulnerabilities related to input sanitization. The `scripts/prepare_call_payload.py` script directly uses `listing['office_phone']` from user-controlled input as the `to_number` for outbound calls, enabling potential arbitrary phone calls to untrusted destinations. Additionally, the `system_prompt` for the ElevenLabs AI agent is constructed using f-strings with user-controlled inputs (`client_name`, `address`, `preferred_windows_text`), creating a prompt injection vulnerability against the downstream AI agent. While the skill's core function of making outbound calls via ElevenLabs is legitimate, these vulnerabilities could be exploited for malicious purposes if the inputs are not properly sanitized by the calling workflow.
能力评估
Purpose & Capability
The skill's code and docs clearly implement outbound phone calls via ElevenLabs (preparing payloads, placing calls, parsing results) which is coherent with the name/description. However the registry metadata lists no required environment variables or primary credential, while the code and references explicitly require ELEVENLABS_API_KEY and ELEVENLABS_AGENT_ID for live calls. That metadata omission is an inconsistency and reduces transparency.
Instruction Scope
SKILL.md runbook is narrow and actionable: build a payload from a job file, run a dry-run or live call, then parse results. The instructions do not ask the agent to read unrelated system files or credentials. They do rely on files placed in /tmp (job/payload/result), which is expected for this kind of tool.
Install Mechanism
No install spec (instruction-only with bundled scripts). No remote downloads or package installs are performed by the skill; script files are included in the bundle. This is low install risk.
Credentials
Live operation requires ELEVENLABS_API_KEY and ELEVENLABS_AGENT_ID (and optionally ELEVENLABS_OUTBOUND_URL) which are reasonable for a third-party voice service, but the skill metadata does not declare them. The skill will send PII (client name, address, office phone, metadata) to the external ElevenLabs endpoint; the endpoint URL is overrideable via ELEVENLABS_OUTBOUND_URL, which if misconfigured could redirect PII to an arbitrary server. These facts should be disclosed before assigning credentials.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide config changes. It does not attempt to persist credentials or modify other skills. Autonomous invocation is allowed (platform default) but not combined with other high-privilege settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install tour-booking - 安装完成后,直接呼叫该 Skill 的名称或使用
/tour-booking触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
- Initial release of tour-booking sub-agent for outbound property showing calls.
- Supports structured payload generation and consistent call scripting for listing-office interactions.
- Integrates with ElevenLabs for live or dry-run outbound call execution.
- Parses and normalizes call outcomes into standardized booking statuses.
- Includes clear runbook workflows and caller guardrails for responsible AI communication.
元数据
常见问题
Tour Booking 是什么?
Sub-agent for outbound listing-office calls to request and confirm property showing slots using a provided call script and structured payloads. Use when a pa... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 693 次。
如何安装 Tour Booking?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install tour-booking」即可一键安装,无需额外配置。
Tour Booking 是免费的吗?
是的,Tour Booking 完全免费(开源免费),可自由下载、安装和使用。
Tour Booking 支持哪些平台?
Tour Booking 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Tour Booking?
由 danielfoch(@danielfoch)开发并维护,当前版本 v0.1.0。
推荐 Skills