Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

WhatsApp Common Groups

v1.0.0

Find groups shared between contacts and check group membership

by Marcos Santos (@marcosrippel)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The script's behavior (scanning a local OpenClaw WhatsApp credentials directory for sender-key files and contacts.json) is consistent with the stated purpose of finding common WhatsApp groups. However, the skill metadata and SKILL.md do not declare that it needs access to local credential/config paths (the code uses OPENCLAW_STATE_DIR or ~/.openclaw/credentials/whatsapp/default). This undeclared requirement is a mismatch and should be disclosed.
Instruction Scope
SKILL.md shows only how to exec the Node script and does not mention that the script will read files from the user's local OpenClaw credentials directory. The instructions give the agent implicit permission to run a binary that reads potentially sensitive local files, which is not documented in the runtime instructions.
Install Mechanism
There is no install spec (instruction-only with a bundled script). Nothing is downloaded or written to disk by an installer; risk from installation mechanism is low.
Credentials
The code reads process.env.OPENCLAW_STATE_DIR (if set) and otherwise defaults to ~/.openclaw/credentials/whatsapp/default, but the skill declares no required env vars or config paths. Accessing a credentials directory (and potentially contacts.json and sender-key files) is sensitive and should have been declared. The number and sensitivity of files accessed is disproportionate to the lack of declared permissions.
Persistence & Privilege
The skill does not request persistent/always-on presence, does not modify other skill or system configs, and does not install background services. It only reads files and prints JSON to stdout.
What to consider before installing
This skill will run a bundled Node script that directly reads your OpenClaw WhatsApp credential folder (OPENCLAW_STATE_DIR or ~/.openclaw/credentials/whatsapp/default) and parses sender-key files and contacts.json to report group membership. The metadata and SKILL.md do not disclose this file access. Before installing or running it: (1) verify you trust the source or inspect scripts yourself, (2) check the exact path and contents of the credentials folder to understand what data would be read, (3) consider running the script manually in a sandbox or on a copy of the credential files, and (4) ask the maintainer to explicitly declare required config paths and env vars and to explain why those files are needed. Note: the script does not make network calls or upload data itself — it prints results to stdout, but whatever receives the output (agent logs, remote backend) could expose this information, so treat outputs as sensitive.

Tags: baileys, common, groups, latest, offline, whatsapp
