Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

whatclaw-whatsapp-integration

v1.0.0

Manages WhatsApp whitelists to send messages only to approved numbers, track delivery status, and verify OpenClaw connectivity via word-trigger commands.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the code and SKILL.md: the script manages whitelist sets, sends messages via the OpenClaw CLI, tracks status via channel logs, and stores local state in data/*. This requires the OpenClaw CLI and an active WhatsApp channel, which the skill explicitly checks.
Instruction Scope
SKILL.md tells the user to run node word-trigger.js "<phrase>" and to have the OpenClaw CLI logged in; the script operates on local data/whitelist.json and data/message-store.json and calls the OpenClaw CLI. Two things to note: (1) SKILL.md references a hard-coded user path (/home/vignesh/...) that is left over from a local environment and should be updated before use; (2) the script accepts media as local file paths or URLs and passes them to OpenClaw for sending, which enables sending arbitrary local files to WhatsApp recipients if someone issues such a phrase.
Install Mechanism
Instruction-only skill with a single JS file and no install spec. Nothing is downloaded or written beyond local data files created under the skill directory at runtime.
Credentials
No environment variables or external credentials are requested by the skill. It relies on the existing OpenClaw CLI authentication (expected for WhatsApp operations) and does not try to read unrelated config or secrets.
Persistence & Privilege
always is false and the skill writes only its own local data files (data/whitelist.json and data/message-store.json) in its directory. It does not modify other skills or global agent configuration.
Assessment
This skill appears to do what it claims, but review and consider the following before installing or enabling autonomous use:
- The script invokes your OpenClaw CLI to send messages; OpenClaw carries the actual network access and credentials. Ensure your OpenClaw login and channel permissions are appropriate.
- Media may be a local file path. A user or an automated agent could issue a phrase that sends a local file (e.g., /etc/passwd) to numbers in a whitelist — treat this as a potential data-exfiltration vector inherent to any attachment-sending tool. Restrict who can invoke the skill and audit commands if confidentiality matters.
- SKILL.md references a hard-coded user path (/home/vignesh/…). Update the working directory instructions to match your environment before running.
- The skill stores persistent data under its data/ directory. Backups, access controls, or secure storage may be needed if the whitelist or message store contain sensitive info.
If you want stronger assurance, run the script in an isolated environment (or sandbox) first, inspect the data files it creates, and verify OpenClaw CLI behavior and logs for any unexpected activity.
word-trigger.js:66
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
