ClawHub
Back to skill

Security audit

WAHA Onboarding

Security checks across malware telemetry and agentic risk

Overview

This skill likely does what it says, but it links a persistent WhatsApp session without clearly explaining account access, retention, or cleanup.

Review before installing. Use only with a WAHA instance you trust, confirm what WhatsApp data the agent may access after pairing, prefer an opaque session name instead of one containing your phone number, and make sure you know how to unlink or delete the WAHA session when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs collecting, sanitizing, and reusing a user's phone number to create persistent WAHA session identifiers and request pairing codes, but it provides no disclosure about storage, retention, third-party processing, or consent boundaries. This creates a privacy and trust risk because the phone number is sensitive personal data and is being operationally bound to an external messaging session without informed notice.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill tells the agent to generate and share a WhatsApp pairing code and guide the user through linking their account, but it never explicitly warns that this action connects the user's WhatsApp account to a WAHA-managed session that may enable message access or account operations. In this context, omission of that disclosure is dangerous because users may believe they are completing a harmless verification step rather than granting an external service ongoing access to their account.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal