ClawHub

Wacrawl

Security checks across malware telemetry and agentic risk

Overview

This is a clearly described local WhatsApp archive/search skill, but it handles very private chat data and requires broad macOS file access.

Install only if you trust the Homebrew wacrawl package and are comfortable granting Full Disk Access to the terminal that runs it. Treat ~/.wacrawl/wacrawl.db as a sensitive copy of your WhatsApp message history, consider whether backups will capture it, and set up scheduled imports only if you want ongoing refreshes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly states it creates a local mirror/archive of WhatsApp Desktop data, but it does not prominently warn users that this duplicates highly sensitive private communications into a second database under ~/.wacrawl/wacrawl.db. That increases confidentiality risk by expanding the attack surface, retention footprint, and likelihood of unintended exposure through backups, local compromise, or later misuse.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill requires Full Disk Access to the terminal but does not clearly explain that this permission grants broad read access well beyond WhatsApp data. Users may grant a highly privileged macOS capability without understanding that a compromised terminal session, plugin, or misused command could expose many other files on the system.

Session Persistence

Medium
Category
Rogue Agent
Content
Local read-only mirror of WhatsApp Desktop on macOS. Copies WhatsApp's SQLite databases into a temp snapshot, imports useful chat data into its own archive, and exposes scriptable search.

**Does not** send messages, decrypt cloud backups, talk to WhatsApp Web, or write back into WhatsApp's app container.

## Requirements
- macOS with **WhatsApp Desktop** (Mac App Store version) installed and signed in.
Confidence
84% confidence
Finding
write back into WhatsApp's app container. ## Requirements - macOS with **WhatsApp Desktop** (Mac App Store version) installed and signed in. - Full-disk access for the terminal that runs `wacrawl` (S

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal