observe-whatsapp

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses environment variables (KAPSO_API_KEY, KAPSO_API_BASE_URL) for authentication and configuration, which is a standard and secure practice for managing sensitive credentials.- [SAFE]: External network operations are limited to the Kapso API and documentation domains (docs.kapso.ai), which are legitimate and necessary for the skill's stated purpose of observability.- [SAFE]: The openapi-explore.mjs script fetches and parses OpenAPI specifications to provide documentation to the user. It does not execute remote code and uses the well-known yaml library for parsing.- [SAFE]: No obfuscation, prompt injection attempts, or persistence mechanisms were detected in the instructions or the supporting scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 10:31 PM
Security Audit — agent-trust-hub — observe-whatsapp