Whatsapp Context Manager for Agents

ReviewAudited by ClawScan on May 10, 2026.

Overview

Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.

This looks like a benign local customer-service context manager. Before installing, verify the source, review the Python files before running them, and decide where the SQLite database will live, who can access it, and how long customer chat/order history should be retained. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Medium

#ASI06: Memory and Context Poisoning

What this means

Customer conversations, phone numbers, emails, notes, and order details may remain on disk and could be exposed if the database file is shared, backed up insecurely, or retained too long.

Why it was flagged

The skill intentionally retains customer identifiers, conversation history, notes, sentiment, and order context in a local persistent store. This is aligned with the skill purpose, but it is sensitive memory that should be governed.

Skill content

Complete conversation history ... customer.phone ... customer.email ... customer.notes ... All data stored locally in SQLite

Recommendation

Use a protected database location, define retention/deletion rules, restrict access to the database file, and avoid storing unnecessary sensitive customer information.

Low

#ASI05: Unexpected Code Execution

What this means

Running the scripts executes local code on the user’s machine, so users rely on the package contents being trustworthy.

Why it was flagged

The documentation asks the user to run included Python scripts. This is visible and purpose-aligned setup/testing behavior, but it is still local code execution from a package whose source is listed as unknown.

Skill content

python install_check_whatsapp.py ... python test_whatsapp.py ... python examples_whatsapp.py

Recommendation

Review the included Python files and obtain the package from a trusted source before running the setup, tests, or examples.