Whats 1.0.0
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed WhatsApp CLI helper with sensitive but user-controlled messaging and history access.
Install only if you trust the external wacli package source and are comfortable linking WhatsApp by QR login. Before any send action, verify the recipient, group versus direct chat, message text, and attachment path. Use sync or backfill only when needed, and review or remove ~/.wacli if you do not want WhatsApp history retained locally.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
62/62 vendors flagged this skill as clean.