Back to skill
Skillv2.16.4
VirusTotal security
WhatsApp Outreach Platform — AI Leads, Bulk Messaging, Reviews & CRM Pipeline · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:28 AM
- Hash
- c455a8e1adfa8af5cdba4d1003d5df681c9082cd5df22789eb26e8536f733227
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: whatsapp-automation-a2a Version: 2.16.4 The skill bundle is purely documentation (markdown and JSON files) for an external WhatsApp automation API service (MoltFlow). It contains no executable code or scripts. A critical security control, `disable-model-invocation: true`, is set in SKILL.md, preventing the AI agent from autonomously executing actions. All described operations are API calls to a single, declared external endpoint (`https://apiv2.waiflow.app`) and require explicit user confirmation. The documentation emphasizes security best practices such as using minimum-scoped API keys, environment variables, and includes safeguards like webhook URL validation and anti-spam measures. There is no evidence of data exfiltration, persistence mechanisms, obfuscation, or malicious prompt injection attempts against the OpenClaw agent within the provided files.
- External report
- View on VirusTotal