WhatsApp FAQ Bot
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users have less context about where the skill came from, so they should review the included script before installing.
The skill has limited provenance metadata, although the included artifacts are simple and no external dependency or install-time execution is shown.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Prefer a skill with a clear repository/homepage when available, or manually review the bundled Python file before use.
Incorrect or untrusted FAQ entries could later influence answers given to users or customers.
The FAQ knowledge base is persistent local state that can be reused for future answers; this is expected for a FAQ bot but users should control what content is imported.
Data is stored in `~/.faq-bot/` by default. Override with `FAQ_BOT_DIR` environment variable.
Import only trusted FAQ files, periodically review the stored knowledge base, and set `FAQ_BOT_DIR` to an appropriate location if needed.
If wired into an auto-reply workflow, the bot may send FAQ-based responses automatically, including low-confidence or outdated answers.
The documentation explicitly supports autonomous or scheduled use for replies; this is purpose-aligned, but it can continue producing answers without per-message review if the user configures it that way.
the agent can use the `search` command to find the best match and respond automatically. Configure it in your cron or agent system prompt.
Test search thresholds and fallback behavior before enabling automatic customer replies, and keep a manual review path for uncertain matches.