Skills
skills/insight68/skills/voice-call/Gen Agent Trust Hub

voice-call

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill documents an interface for processing and transmitting voice messages, creating a surface for indirect prompt injection.\n
  • Ingestion points: Data enters through the message parameter in actions such as initiate_call and speak_to_user (SKILL.md).\n
  • Boundary markers: No delimiters or "ignore" instructions are defined to separate user-provided message content from agent instructions.\n
  • Capability inventory: The skill provides the ability to initiate outbound calls and transmit text-to-speech via the openclaw CLI.\n
  • Sanitization: There is no mention of sanitization or validation of the message content.\n- [COMMAND_EXECUTION]: The skill executes external CLI commands to manage telephony providers.\n
  • Evidence: The agent is instructed to use openclaw voicecall for placing calls and retrieving status (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 08:21 PM