whatsapp-automation
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill includes a 'skill-report.json' file with self-referential text claiming safety to deceive analyzers. It also presents an indirect injection surface: (1) Ingestion: User inputs for 'body' and 'media_url' (SKILL.md); (2) Boundary markers: Absent; (3) Capabilities: Network-writing via WHATSAPP tools; (4) Sanitization: Absent.
- [EXTERNAL_DOWNLOADS]: The skill instructs users to connect to a third-party MCP server at 'https://rube.app/mcp' for its primary operations.
Audit Metadata