Skill v2.16.4

ClawScan security

WhatsApp Outreach Platform — AI Leads, Bulk Messaging, Reviews & CRM Pipeline · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Scanned Mar 3, 2026, 7:20 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
This is a documentation-only skill that documents a WhatsApp automation HTTP API and only requires a single MoltFlow API key; its requests and instructions are consistent with that purpose.
Guidance
This package is documentation for a third-party WhatsApp automation API and appears internally consistent. Before installing/using:
1) Only provide a scoped MOLTFLOW_API_KEY with the minimum scopes needed (messages, groups, etc.), not a full-privilege key.
2) Understand that group messages, uploads (PDFs), voice notes, and contact data will be sent to MoltFlow's servers; confirm GDPR/consent and your privacy/compliance needs.
3) Prefer OAuth where supported (MCP integrations) instead of pasting raw API keys.
4) Note that the 'disable-model-invocation: true' setting prevents autonomous agent actions, but you should still audit any actions you instruct the skill to perform (bulk sends, webhooks) to avoid accidental mass messaging.
5) If you need stronger assurance, review MoltFlow's public docs, privacy policy, and API key scope controls on their dashboard before providing credentials.

Review Dimensions

Purpose & Capability (ok)
The skill's name/description (WhatsApp outreach, lead mining, bulk messaging, AI features) aligns with the documented REST endpoints and examples. The sole required secret (MOLTFLOW_API_KEY) is appropriate and declared as the primary credential. There are no unrelated binaries, config paths, or unrelated credentials requested.
Instruction Scope (note)
Runtime instructions are entirely API-focused (curl examples, MCP integration instructions, endpoints for sessions/groups/messages/AI features). They do instruct the agent (and user) to send WhatsApp messages, ingest documents, transcribe voice notes, and read group messages via the MoltFlow API, which is consistent with the stated purpose. Note: some example text references 'your LLM API key' for certain Pro features; the skill does not require or declare an LLM env var, and earlier files state LLM keys are managed via the MoltFlow dashboard. Also be aware that using the skill necessarily sends WhatsApp/group content and uploaded documents to MoltFlow's servers.
Install Mechanism (ok)
This is an instruction-only package with no install spec and no code files to execute locally. That minimizes on-disk risk; all actions are documented HTTP calls to the service's API (apiv2.waiflow.app).
Credentials (ok)
Only one environment variable is required (MOLTFLOW_API_KEY), and it is justified by the skill's API usage. No other credentials, system secrets, or config paths are requested. The documentation repeatedly recommends scoped API keys and least-privilege scopes.
Persistence & Privilege (ok)
Model invocation is disabled ('disable-model-invocation: true'), preventing autonomous skill invocation, and the 'always' setting is false. The skill does not request permanent presence or system modifications. It documents server-side features (webhooks, SSE) but does not install local background services.