ClawHub

OpenClaw wacli Playbook

v0.1.0

Send WhatsApp messages to other people or search/sync WhatsApp history via the wacli CLI (not for normal user chats).

0· 54·0 current·0 all-time
byDaniel Sinewe@danielsinewe·duplicate of @mohdalhashemi98-hue/mh-wacli
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the requested binary and commands. Asking for the wacli binary (or providing brew/go install options) is appropriate for a skill that sends messages and searches/syncs WhatsApp history.
Instruction Scope
SKILL.md limits use to explicit user requests and documents required wacli commands. It references the store directory (~/.wacli) which is expected (session state, auth tokens, message history). Be aware that those files contain WhatsApp session data and message history; the skill's runtime instructions permit reading/writing that directory.
Install Mechanism
Install options use a brew formula (steipete/tap/wacli) and a Go module from GitHub — both are standard package sources. This is low-to-moderate risk; verify you trust the tap/repo before installing.
Credentials
No environment variables or unrelated credentials are requested. The skill relies on wacli's QR auth and local session files rather than external API keys, which is proportionate to the task.
Persistence & Privilege
always:false (not force-included). The skill can be invoked autonomously by the agent (platform default). Combined with its ability to send messages and access ~/.wacli, you should ensure the agent only uses it with explicit confirmation as the SKILL.md recommends.
Assessment
This skill appears coherent for controlling wacli, but installing and using it will create and use local WhatsApp session files (by default ~/.wacli) that contain authentication/session data and message history. Before installing: verify the brew tap / GitHub repo reputation (steipete/wacli), decide whether you want an AI agent that can call this tool autonomously (if not, restrict or require explicit confirmation), and periodically inspect/delete ~/.wacli if you want to limit long-term exposure. If you only need to read history but not send messages, consider running wacli manually instead of giving the agent permission to invoke it.

Like a lobster shell, security has layers — review code before you run it.

clivk975e3yp505gp1m2j7nyhayfss84rch8latestvk975e3yp505gp1m2j7nyhayfss84rch8messagingvk975e3yp505gp1m2j7nyhayfss84rch8openclawvk975e3yp505gp1m2j7nyhayfss84rch8operationsvk975e3yp505gp1m2j7nyhayfss84rch8safetyvk975e3yp505gp1m2j7nyhayfss84rch8waclivk975e3yp505gp1m2j7nyhayfss84rch8whatsappvk975e3yp505gp1m2j7nyhayfss84rch8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📱 Clawdis
Binswacli

Install

Install wacli (brew)
Bins: wacli
brew install steipete/tap/wacli
Install wacli (go)
Bins: wacli
go install github.com/steipete/wacli/cmd/wacli@latest

Comments