ClawHub
Back to plugin

Security audit

Kapso WhatsApp

Security checks across malware telemetry and agentic risk

Overview

This is a coherent WhatsApp channel plugin that uses Kapso credentials and webhooks for its stated messaging setup and delivery purpose.

Install only if you intend to let OpenClaw send and receive WhatsApp messages through Kapso. Review the setup steps before allowing an agent to write config, register webhooks, expose a gateway through Tailscale Funnel, or set default outbound recipients, and keep Kapso API keys and webhook secrets out of chat when possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

57/57 vendors flagged this plugin as clean.

View on VirusTotal