Is Voice Call Mcp Server safe to use?

Voice Call Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install Voice Call Mcp Server?

Voice Call Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Voice Call Mcp Server do?

Voice Call Mcp Server provides 1 tool: initiate_call. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Voice Call Mcp Server?

Voice Call Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Voice Call Mcp Server actively maintained?

Voice Call Mcp Server is not actively maintained — last commit was 408 days ago. It has 59 GitHub stars.

Voice Call Mcp Server

Name: Voice Call Mcp Server
Author: popcornspace

npm · by popcornspace

59 13.2M/wk 1 tool GitHub npm

No known CVEs

MIT license

Stale

Last commit 408d ago

Works with most clients

Transport: stdio, sse, http

1 tool · ~158 tok

Grade A · 0.1% of 200K ctx

Edit this pageView history

Communication

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "voice-call": {
      "env": {
        "TWILIO_NUMBER": "your_e.164_format_number",
        "OPENAI_API_KEY": "your_openai_api_key",
        "NGROK_AUTHTOKEN": "your_ngrok_authtoken",
        "TWILIO_AUTH_TOKEN": "your_auth_token",
        "TWILIO_ACCOUNT_SID": "your_account_sid"
      },
      "args": [
        "/path/to/your/mcp-new/dist/start-all.cjs"
      ],
      "command": "node"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/voice-call-mcp-server)](https://mcppedia.org/s/voice-call-mcp-server)

Read me

What Voice Call Mcp Server does

No description provided.

This server is thin — proceed with caution. Help improve this page →

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'npm' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

81/100across 5 weighted dimensions

How we score →

0255075100

−19

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

8 fixed

CVE-2022-29244low · fixedCVSS 3.1

Packing does not respect root-level ignore files in workspaces

### Impact `npm pack` ignores root-level `.gitignore` & `.npmignore` file exclusion directives when run in a workspace or with a workspace flag (ie. `--workspaces`, `--workspace=<name>`). Anyone who has run `npm pack` or `npm publish` with workspaces, as of [v7.9.0](https://github.com/npm/cli/releases/tag/v7.9.0) & [v7.13.0](https://github.com/npm/cli/releases/tag/v7.13.0) respectively, may be affected and have published files into the npm registry they did not intend to include. ### Patch - Up

Affected: >= 7.9.0Fixed in 8.11.0source →

CVE-2018-7408low · fixedCVSS 3

Incorrect Permission Assignment for Critical Resource in NPM

An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status). It might allow local users to bypass intended filesystem access restrictions because ownerships of /etc and /usr directories are being changed unexpectedly, related to a "correctMkdir" issue.

Affected: >= 0Fixed in 5.7.1source →

CVE-2013-4116info · fixed

Local Privilege Escalation in npm

Affected versions of `npm` use predictable temporary file names during archive unpacking. If an attacker can create a symbolic link at the location of one of these temporary file names, the attacker can arbitrarily write to any file that the user which owns the `npm` process has permission to write to, potentially resulting in local privilege escalation. ## Recommendation Update to version 1.3.3 or later.

Affected: >= 0Fixed in 1.3.3source →

CVE-2020-15095low · fixedCVSS 3.1

npm CLI exposing sensitive information through logs

Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like `<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>`. The password value is not redacted and is printed to stdout and also to any generated log files.

Affected: >= 0Fixed in 6.14.6source →

CVE-2019-16777low · fixedCVSS 3.1

npm Vulnerable to Global node_modules Binary Overwrite

Versions of the npm CLI prior to 6.13.4 are vulnerable to a Global node_modules Binary Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a `serve` binary, any subsequent installs of packages that also create a `serve` binary would overwrite the first binary. This will not overwrite system binaries but only binaries put into the global node_modules directory. This b

Affected: >= 0Fixed in 6.13.4source →

Inventory

Tools (1)

Click any tool to inspect its schema.

~158 tokens total

Inventory

Prompts (3)

restaurant_reservation

Pre-built prompt for making restaurant reservations via phone call

appointment_scheduling

Pre-built prompt for scheduling or rescheduling appointments via phone call

message_delivery

Pre-built prompt for delivering messages or notifications via phone call

Help improve this page

This server is missing a description.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Voice Call Mcp Server safe to use?: Voice Call Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Voice Call Mcp Server?: Voice Call Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Voice Call Mcp Server do?: Voice Call Mcp Server provides 1 tool: initiate_call. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Voice Call Mcp Server?: Voice Call Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Voice Call Mcp Server actively maintained?: Voice Call Mcp Server is not actively maintained — last commit was 408 days ago. It has 59 GitHub stars.

Similar servers

Others in communication

View all →

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

Mac_messages_mcp93

An MCP server that securely interfaces with your iMessage database via the Model Context Protocol (MCP), allowing LLMs to query and analyze iMessage conversations. It includes robust phone number validation, attachment processing, contact management, group chat handling, and full support for sending and receiving messages.

289 4

io.github.codefuturist/email-mcp92

IMAP/SMTP email MCP server — 47 tools, IMAP IDLE push, multi-account, AI triage.

51 2

Agenticmail92

Email & SMS infrastructure for AI agents — send and receive real email and text messages programmatically

133 7

MCP Security Weekly

Get CVE alerts and security updates for Voice Call Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Communication

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "voice-call": {
      "env": {
        "TWILIO_NUMBER": "your_e.164_format_number",
        "OPENAI_API_KEY": "your_openai_api_key",
        "NGROK_AUTHTOKEN": "your_ngrok_authtoken",
        "TWILIO_AUTH_TOKEN": "your_auth_token",
        "TWILIO_ACCOUNT_SID": "your_account_sid"
      },
      "args": [
        "/path/to/your/mcp-new/dist/start-all.cjs"
      ],
      "command": "node"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/voice-call-mcp-server)](https://mcppedia.org/s/voice-call-mcp-server)

Read me

What Voice Call Mcp Server does

No description provided.

This server is thin — proceed with caution. Help improve this page →

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'npm' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

Voice Call MCP Server

A Model Context Protocol (MCP) server that enables Claude and other AI assistants to initiate and manage voice calls using Twilio and OpenAI (GPT-4o Realtime model).

Use this as a base to kick-start your AI-powered voice calling explorations, save time and develop additional functionality on top of it.

Sequence Diagram

sequenceDiagram
    participant AI as AI Assistant (e.g., Claude)
    participant MCP as MCP Server
    participant Twilio as Twilio
    participant Phone as Destination Phone
    participant OpenAI as OpenAI
    
    AI->>MCP: 1) Initiate outbound call request <br>(POST /calls)
    MCP->>Twilio: 2) Place outbound call via Twilio API
    Twilio->>Phone: 3) Ring the destination phone
    Twilio->>MCP: 4) Call status updates & audio callbacks (webhooks)
    MCP->>OpenAI: 5) Forward real-time audio to OpenaAI's realtime model
    OpenAI->>MCP: 6) Return voice stream
    MCP->>Twilio: 7) Send voice stream
    Twilio->>Phone: 8) Forward voice stream
    Note over Phone: Two-way conversation continues <br>until the call ends

Features

Make outbound phone calls via Twilio 📞
Process call audio in real-time with GPT-4o Realtime model 🎙️
Real-time language switching during calls 🌐
Pre-built prompts for common calling scenarios (like restaurant reservations) 🍽️
Automatic public URL tunneling with ngrok 🔄
Secure handling of credentials 🔒

Why MCP?

The Model Context Protocol (MCP) bridges the gap between AI assistants and real-world actions. By implementing MCP, this server allows AI models like Claude to:

Initiate actual phone calls on behalf of users
Process and respond to real-time audio conversations
Execute complex tasks requiring voice communication

This open-source implementation provides transparency and customizability, allowing developers to extend functionality while maintaining control over their data and privacy.

Requirements

Node.js >= 22
- If you need to update Node.js, we recommend using nvm (Node Version Manager):
```
nvm install 22
nvm use 22
```
Twilio account with API credentials
OpenAI API key
Ngrok Authtoken

Installation

Manual Installation

Clone the repository

git clone https://github.com/lukaskai/voice-call-mcp-server.git
cd voice-call-mcp-server

Install dependencies and build
```
npm install
npm run build
```

Configuration

The server requires several environment variables:

TWILIO_ACCOUNT_SID: Your Twilio account SID
TWILIO_AUTH_TOKEN: Your Twilio auth token
TWILIO_NUMBER: Your Twilio number
OPENAI_API_KEY: Your OpenAI API key
NGROK_AUTHTOKEN: Your ngrok authtoken
RECORD_CALLS: Set to "true" to record calls (optional)

Claude Desktop Configuration

To use this server with Claude Desktop, add the following to your configuration file:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json

Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "voice-call": {
      "command": "node",
      "args": ["/path/to/your/mcp-new/dist/start-all.cjs"],
      "env": {
        "TWILIO_ACCOUNT_SID": "your_account_sid",
        "TWILIO_AUTH_TOKEN": "your_auth_token",
        "TWILIO_NUMBER": "your_e.164_format_number",
        "OPENAI_API_KEY": "your_openai_api_key",
        "NGROK_AUTHTOKEN": "your_ngrok_authtoken"
      }
    }
  }
}

After that, restart Claude Desktop to reload the configuration. If connected, you should see Voice Call under the 🔨 menu.

Example Interactions with Claude

Here are some natural ways to interact with the server through Claude:

Simple call:

Can you call +1-123-456-7890 and let them know I'll be 15 minutes late for our meeting?

Restaurant reservation:

Please call Delicious Restaurant at +1-123-456-7890 and make a reservation for 4 people tonight at 7:30 PM. Plea

... [View full README on GitHub](https://github.com/popcornspace/voice-call-mcp-server#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

81/100across 5 weighted dimensions

How we score →

0255075100

−19

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

8 fixed

CVE-2022-29244low · fixedCVSS 3.1

Packing does not respect root-level ignore files in workspaces

Affected: >= 7.9.0Fixed in 8.11.0source →

CVE-2018-7408low · fixedCVSS 3

Incorrect Permission Assignment for Critical Resource in NPM

Affected: >= 0Fixed in 5.7.1source →

CVE-2013-4116info · fixed

Local Privilege Escalation in npm

Affected: >= 0Fixed in 1.3.3source →

CVE-2020-15095low · fixedCVSS 3.1

npm CLI exposing sensitive information through logs

Affected: >= 0Fixed in 6.14.6source →

CVE-2019-16777low · fixedCVSS 3.1

npm Vulnerable to Global node_modules Binary Overwrite

Affected: >= 0Fixed in 6.13.4source →

Inventory

Tools (1)

Click any tool to inspect its schema.

~158 tokens total

Inventory

Prompts (3)

restaurant_reservation

Pre-built prompt for making restaurant reservations via phone call

appointment_scheduling

Pre-built prompt for scheduling or rescheduling appointments via phone call

message_delivery

Pre-built prompt for delivering messages or notifications via phone call

Help improve this page

This server is missing a description.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Voice Call Mcp Server safe to use?: Voice Call Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Voice Call Mcp Server?: Voice Call Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Voice Call Mcp Server do?: Voice Call Mcp Server provides 1 tool: initiate_call. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Voice Call Mcp Server?: Voice Call Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Voice Call Mcp Server actively maintained?: Voice Call Mcp Server is not actively maintained — last commit was 408 days ago. It has 59 GitHub stars.