← 返回 Skills 市场
1986
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install xiaomi-outbound-call
功能描述
触发阿里云晓蜜外呼机器人任务,自动批量拨打电话。适用于批量外呼、客户回访、满意度调查、简历筛查约面试等场景。可从前置工具或节点获取外呼名单。
安全使用建议
This skill appears to implement Alibaba Cloud outbound-calling functionality and does require your ALIYUN AccessKey ID and Secret to operate, but the registry metadata fails to declare those env variables and the package contains a large bundled JS file. Before installing or running: 1) Confirm the publisher identity and source (no homepage provided). 2) Inspect scripts/bundle.js (or run it in a sandbox) to ensure there are no unexpected network endpoints or exfiltration behavior. 3) Only provide ALIYUN_* credentials you are willing to expose to this code; consider using a limited-permission account. 4) Test with non-sensitive phone numbers and verify the skill prompts for explicit confirmation before any call. 5) Ensure you comply with local regulations on automated calling and consent. If you need to proceed but lack the ability to audit the bundle, treat this as higher risk and avoid supplying real credentials or running in production.
功能分析
Type: OpenClaw Skill
Name: xiaomi-outbound-call
Version: 1.0.1
The skill enables bulk outbound calls via Alibaba Cloud, which is a high-risk capability. It requires sensitive Alibaba Cloud AccessKey credentials (`ALIYUN_OUTBOUND_BOT_ACCESS_KEY_ID`, `ALIYUN_OUTBOUND_BOT_ACCESS_KEY_SECRET`) to be configured as environment variables (`SKILL.md`, `references/config.md`). While the core function is risky, the `SKILL.md` explicitly instructs the AI agent to obtain **mandatory user confirmation** before initiating any outbound calls, significantly mitigating the risk of unauthorized use. There is no clear evidence of intentional harmful behavior like data exfiltration or persistence, but the inherent risk of automated bulk calling warrants a 'suspicious' classification.
能力评估
Purpose & Capability
The skill's stated purpose (driving 阿里云晓蜜 outbound tasks) legitimately requires Alibaba Cloud credentials and a Node.js runtime, which the SKILL.md documents. However the registry metadata declares no required environment variables or primary credential, which is inconsistent with the documented need for ALIYUN_OUTBOUND_BOT_ACCESS_KEY_ID and ALIYUN_OUTBOUND_BOT_ACCESS_KEY_SECRET. Also the package claims to be instruction-only but includes a ~3.2MB bundled script, a mismatch in manifest vs. contents.
Instruction Scope
SKILL.md scopes operations to collecting phone lists, building an agentProfile, confirming with the user, then invoking node scripts/bundle.js. It explicitly requires user confirmation before dialing (good), but it also directs agents to pull phone numbers from preceding tools and to 'directly pass' them to the skill, which could enable dialing personal contact data if confirmation steps are bypassed. The instructions require environment variables (Aliyun AK/SK) and reference only the outbound bot console; they do not instruct reading unrelated system files.
Install Mechanism
There is no install spec (lowest install risk), but a large bundled JavaScript (scripts/bundle.js) is included and intended to be executed with node. Bundling is common, but the manifest claiming instruction-only while including executable code is an inconsistency worth noting. No external download URLs or install-from-internet steps were found.
Credentials
The SKILL.md requires two Alibaba Cloud credentials (ALIYUN_OUTBOUND_BOT_ACCESS_KEY_ID and ALIYUN_OUTBOUND_BOT_ACCESS_KEY_SECRET), which are proportionate to interacting with Alibaba Cloud. However the registry metadata does not declare these required environment variables or a primary credential — that mismatch reduces transparency and is a security concern because users may install without realizing they must supply sensitive keys. No other unrelated credentials are requested.
Persistence & Privilege
Skill flags are normal: always is false and autonomous invocation is allowed (platform default). The skill does not request permanent platform presence, nor does it declare modifications to other skills or global agent configuration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install xiaomi-outbound-call - 安装完成后,直接呼叫该 Skill 的名称或使用
/xiaomi-outbound-call触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
xiaomi-outbound-call 1.0.1
- No code or file changes detected in this version.
- Documentation and usage remain unchanged.
- All agent best practices, input formats, and operational flows continue as before.
v1.0.0
Initial release for xiaomi-outbound-call (阿里云晓蜜外呼机器人):
- Enables automated, batch outbound calling tasks for scenarios like customer outreach, surveys, interview scheduling, and notifications.
- Supports input via JSON files or environment variables, auto-extracts phone lists and context from upstream tools/nodes.
- Provides detailed agent configuration with customizable roles, dialogue flows, and communication styles for optimized outbound interactions.
- Implements a strict confirmation step: always summarizes task details and requires explicit user confirmation before executing calls.
- Includes robust input format support with auto-parsing from various business system outputs.
- Enforces prerequisite checks such as Aliyun credential setup and phone number binding, with clear error feedback.
元数据
常见问题
通义晓蜜 - 智能外呼 是什么?
触发阿里云晓蜜外呼机器人任务,自动批量拨打电话。适用于批量外呼、客户回访、满意度调查、简历筛查约面试等场景。可从前置工具或节点获取外呼名单。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1986 次。
如何安装 通义晓蜜 - 智能外呼?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install xiaomi-outbound-call」即可一键安装,无需额外配置。
通义晓蜜 - 智能外呼 是免费的吗?
是的,通义晓蜜 - 智能外呼 完全免费(开源免费),可自由下载、安装和使用。
通义晓蜜 - 智能外呼 支持哪些平台?
通义晓蜜 - 智能外呼 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 通义晓蜜 - 智能外呼?
由 Raven-XIA(@raven-xia)开发并维护,当前版本 v1.0.1。
推荐 Skills