Skill v1.0.0

ClawScan security

EngageLab WhatsApp Business · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 11, 2026, 2:38 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill appears to implement EngageLab WhatsApp APIs as described, but there are mismatches between what it needs (API credentials and a Python dependency) and the registry metadata/instructions, so verify the source and credentials before using.
Guidance
This skill looks like a legitimate API client for EngageLab's WhatsApp service, but there are important inconsistencies you should consider before installing or supplying secrets:

- The package does not declare any required environment variables or a primary credential, yet the client and documentation require dev_key/dev_secret (HTTP Basic). Expect the skill to prompt you for these credentials at runtime. Only provide them if you trust the publisher and the service.
- The distributed bundle includes a Python client that imports the 'requests' library, but the skill gives no install instructions or dependency list. Running it will likely require manually installing Python and requests; consider running in an isolated environment (container) and review the code first.
- The callback documentation recommends accepting unauthenticated POSTs and explicitly says 'callback security mechanism is pending'. Exposing an unauthenticated webhook can allow spoofed events. If you use callbacks, put them behind your own verification (IP allowlist, HMAC auth, or a proxy that verifies payloads).
- There is no homepage or known publisher listed. If you plan to use this in production, verify EngageLab's legitimacy and the publisher's identity (source repository, company site), and prefer using scoped API keys and least-privilege credentials.

Actions you can take: review the included whatsapp_client.py file yourself (it appears readable and not obfuscated), run it in an isolated environment, confirm required dependencies, and avoid pasting real production credentials until you trust the source. If you need help assessing the code further, provide the full file and I can point out any problematic lines.

Review Dimensions

Purpose & Capability
note: Name, description, SKILL.md, and the included Python client all align with a WhatsApp Business API integration: sending messages, template CRUD, and callback handling. This capability set is coherent with the stated purpose.
Instruction Scope
concern: SKILL.md confines itself to API calls and webhook handling (no instructions to read unrelated local files). However, it instructs the agent to ask the user for dev_key/dev_secret and to configure callbacks that the reference explicitly says 'must not require authentication (callback security mechanism is pending)'. That encourages deploying unauthenticated webhook endpoints, which is a security risk and outside best practice.
Install Mechanism
concern: There is no install spec (instruction-only), but the bundle includes a Python file that imports the third-party 'requests' library. The skill does not declare this dependency or provide instructions to install it; running the provided code may fail or require installing packages manually. No network-download install steps are present.
Credentials
concern: The SKILL.md and code require API credentials (dev_key and dev_secret) for Basic Auth, but the registry metadata lists no required environment variables or primary credential. The skill will ask the user for credentials at runtime instead of declaring them in metadata; this mismatch reduces transparency and is a red flag. No unrelated credentials are requested.
Persistence & Privilege
ok: The skill is not always-enabled and does not request persistent system privileges or modify other skills. Autonomous invocation is allowed by default but is not combined with other high-risk flags here.