Back to skill

Security audit

P-API - WhatsApp API

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only WhatsApp API skill whose powerful messaging and management capabilities are disclosed and aligned with its purpose, but users should operate it carefully.

Install only if you intend to connect an agent to a real P-API/WhatsApp environment. Use a limited API key where possible, verify recipients and message content before sending, require explicit approval for deletion or group changes, and configure only trusted HTTPS/WSS webhook destinations that can safely handle private message data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger list contains very broad and generic terms such as "whatsapp," "papi," and "QR code," which can cause the skill to be invoked in situations unrelated to the user's explicit intent to use this specific integration. Because this skill enables high-impact actions like sending messages and managing instances, accidental invocation could lead to unintended operational or privacy-sensitive actions.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill description advertises powerful messaging and instance-management capabilities without warning users that these operations may send messages to real recipients, manipulate groups, expose QR codes, or configure webhooks. In a communications automation context, lack of safety warnings increases the risk of unintended outreach, privacy exposure, and misuse of external messaging infrastructure.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documentation encourages sending message and event data to external webhook and WebSocket endpoints without warning about the sensitivity of that data or the need for transport/authentication controls. This can lead operators to forward conversation contents and metadata to third-party systems insecurely, increasing the risk of data leakage, unauthorized collection, or interception if endpoints are misconfigured.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.