Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

whatsap-pro

v1.0.0

Automated customer support for Indian small businesses using WhatsApp Business API. Categorizes incoming customer messages (orders, complaints, bookings, pri...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill name and description are consistent with requiring WABA_PHONE_NUMBER_ID and WABA_ACCESS_TOKEN (expected for a Meta/WhatsApp integration). However, the SKILL.md expects a business profile to be placed at ~/.openclaw/openclaw.json, while the registry metadata lists no required config paths. The included _meta.json ownerId and slug also differ from the registry metadata (owner IDs and slugs should match). These metadata/config mismatches are unexplained and worth verifying with the publisher.
Instruction Scope
Instructions are primarily limited to classifying messages, sending replies via the Meta Graph API using the declared env vars, and escalating by forwarding full conversations to the business owner. That scope is coherent, but the SKILL.md instructs reading and writing a local config (~/.openclaw/openclaw.json) and storing tickets in agent memory. It also requires configuring your webhook to point at the platform's OpenClaw endpoint (i.e., customer messages will flow through the OpenClaw infrastructure). This implies handling of customer PII (phone numbers, message contents) and should be validated against your retention and consent policies.
Install Mechanism
Instruction-only skill with no install spec or bundled code — minimal install risk (nothing is downloaded or written by an installer).
Credentials
Only WABA_PHONE_NUMBER_ID and WABA_ACCESS_TOKEN are required, which is proportionate to a WhatsApp Business API integrator. Still, granting an access token gives substantial capability (sending messages, reading message threads depending on token scope); use a token with least privileges and consider rotation/monitoring.
Persistence & Privilege
The skill stores 'tickets' in agent memory and forwards conversations to the owner via OpenClaw messaging channels. It's not marked always:true and does not modify other skills, but memory retention and forwarding behavior can persist customer data beyond an immediate session. Confirm how long agent memory persists, where forwarded data is delivered/stored, and whether the platform encrypts or logs these messages.
What to consider before installing
This skill appears to do what it says (WhatsApp auto-responder) and only asks for the WhatsApp phone-number ID and access token, which is expected. Before installing, verify these points:

1) Confirm the publisher/source: the homepage and owner IDs in the registry do not match those in _meta.json, which is suspicious; ask the publisher to reconcile the ownerId/slug differences.
2) Ensure you understand where incoming messages will flow: the SKILL.md requires pointing your webhook to an OpenClaw endpoint, so verify OpenClaw's privacy, retention, and hosting policies, because customer messages (PII) will transit that service.
3) Limit the WABA_ACCESS_TOKEN privileges and rotate it after testing; use a test/business account first.
4) Confirm how ~/.openclaw/openclaw.json is stored and who can read it (it will contain owner contact info and templates).
5) Ask the publisher whether agent memory is persisted and for how long (ticket storage could retain PII).

If you cannot verify the publisher or the data-flow/retention answers, run the skill only in a sandbox/test WhatsApp account or don't install it.



Runtime requirements

Runtime: Clawdis
Env: WABA_PHONE_NUMBER_ID, WABA_ACCESS_TOKEN
Primary env: WABA_ACCESS_TOKEN
