ClawHub

Whatsapp Business 1.0.3

v1.0.0

WhatsApp Business API integration with managed OAuth. Send messages, manage templates, and handle conversations. Use this skill when users want to interact w...

1· 88·1 current·1 all-time
byRaidan Pro@raidan-ai·duplicate of @kenhee350-a11y/skill111
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the instructions: SKILL.md documents calls to gateway.maton.ai and ctrl.maton.ai for sending messages, managing connections, and using OAuth. The single required env var (MATON_API_KEY) is consistent with a managed gateway API key.
Instruction Scope
Instructions only show HTTP calls to maton domains and examples that read MATON_API_KEY from the environment. There are no instructions to read unrelated files, other env vars, system config, or to exfiltrate data to unexpected endpoints.
Install Mechanism
This is instruction-only (no install spec, no code files). Nothing is written to disk or downloaded by the skill, which minimizes install-time risk.
Credentials
Only one environment variable (MATON_API_KEY) is required, which is proportionate for a managed API gateway. No other secrets or unrelated credentials are requested. Note: the skill metadata does not declare a primary credential field, but the single required env var is documented in SKILL.md.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes. Autonomous invocation is allowed by default but that is normal and not combined with other concerning privileges.
Assessment
This skill appears internally consistent for integrating with a Maton-managed WhatsApp Business gateway: it only requires a single MATON_API_KEY and its examples call maton.ai, gateway.maton.ai, and ctrl.maton.ai. Before installing, verify you trust the Maton service and that the API key came from https://maton.ai (confirm account and token legitimacy). Because the package has no listed homepage or source repository, consider testing with a non-production API key and non-sensitive data first, limit key permissions if possible, and be prepared to rotate the key if you stop using the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97aj3ndg8wsn4qhj1q8vm3k7983kd8y

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
EnvMATON_API_KEY

Comments