ClawHub
Back to skill
v1.3.0

Gif Whatsapp

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:19 AM.

Analysis

The skill is coherent for sending WhatsApp GIFs, but it gives the agent direct WhatsApp sending authority without an explicit confirmation step.

GuidanceReview this skill before installing if you do not want the agent to send WhatsApp media on your behalf. If installed, require the agent to ask before each GIF is sent and to confirm the recipient number or conversation.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityMediumConfidenceHighStatusConcern
SKILL.md
✅ Good times:
- User asks for a GIF
- Celebrating good news
- Funny reactions ... message action=send to=NUMBER message=" " filePath=/root/.openclaw/workspace/gif.mp4 gifPlayback=true

The skill gives conditions beyond an explicit user request and then provides a direct WhatsApp send action, without requiring confirmation of the recipient or the specific outgoing message.

User impactThe agent could send a GIF to a WhatsApp recipient under the user's account before the user has explicitly approved that particular send.
RecommendationRequire explicit user approval and recipient confirmation before every WhatsApp send, and avoid proactive/contextual sends unless the user has clearly requested them.
Unexpected Code Execution
SeverityLowConfidenceHighStatusNote
SKILL.md
curl -sL "GIF_URL" -o /tmp/gif.gif ... ffmpeg -i /tmp/gif.gif ... /tmp/gif.mp4 -y ... cp /tmp/gif.mp4 /root/.openclaw/workspace/gif.mp4

The skill relies on shell commands to download remote GIF media, convert it locally with ffmpeg, and copy it into the workspace. This is central to the stated purpose but is still a sensitive execution path.

User impactRemote media files will be processed locally and written to temporary/workspace locations before being sent.
RecommendationUse only intended Tenor/Giphy results, keep ffmpeg and related tools updated, and clean temporary/workspace files if retention is a concern.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
SKILL.md
allowed-tools: [exec, message] ... Uses the platform's built-in `message` tool — no separate WhatsApp credentials needed

The skill uses the platform's preconfigured messaging capability rather than asking for credentials, which is purpose-aligned but still means it sends through the user's WhatsApp identity.

User impactAny GIF sent by this skill may appear to recipients as coming from the user's WhatsApp account.
RecommendationInstall only in environments where the agent is allowed to use the WhatsApp/message tool, and keep message permissions limited to intended conversations or recipients.