ClawHub

Evolution Api v2

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Evolution API skill for WhatsApp automation, with powerful but disclosed messaging, webhook, chatbot, and admin operations.

Install this only if you want an agent to help operate a real Evolution API or WhatsApp account. Protect the global admin key, prefer instance-scoped keys where possible, verify recipients and instance names before sending or deleting, and enable webhooks, queues, Chatwoot imports, AI bots, media forwarding, or triggerType "all" only for trusted destinations with consent and retention controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill documents destructive and privacy-impacting actions such as logout, delete instance, and message/profile removal without any warning, confirmation guidance, or scope constraints. In an agent setting, this increases the chance that a model or user triggers irreversible actions without understanding the consequences.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The webhook and integration sections describe sending message, media, contact, and event data to third-party services but omit privacy and data-handling warnings. This can lead operators to expose sensitive WhatsApp content to external systems without informed consent, minimization, or trust-boundary review.

Vague Triggers

High
Confidence
94% confidence
Finding
Allowing chatbot activation on every message via `triggerType: "all"` is overly broad and can cause unintended interception, response generation, or data forwarding for all inbound chats. In a messaging automation context, that materially increases the risk of privacy violations, spammy behavior, and accidental bot takeover of conversations.

Vague Triggers

High
Confidence
95% confidence
Finding
The example configures a bot with `triggerType: "all"` in a common workflow, normalizing unsafe broad activation without cautionary guidance. Because examples are often copied directly, this makes accidental always-on monitoring and automated replies more likely in production.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
#### Delete Instance
```bash
DELETE /instance/delete/{instance}
Header: apikey: $EVO_GLOBAL_KEY
```
Confidence
90% confidence
Finding
DELETE /instance/delete/{instance}

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal