The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill configuration specifies the installation of the wacli binary from an external GitHub repository (github.com/steipete/wacli) via the Go module system and a Homebrew tap.
[DATA_EXFILTRATION]: The skill exposes functionality to send local files (wacli send file) and text content to external WhatsApp accounts, creating a potential path for unauthorized data transfer from the local environment.
[COMMAND_EXECUTION]: The skill utilizes shell-based execution of the wacli CLI for all operations, including authentication (auth), synchronization (sync), and message management.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from external sources. Ingestion points: External WhatsApp messages and chat history retrieved via wacli messages search and wacli history backfill. Boundary markers: No delimiters or instructions are provided to the agent to treat retrieved message content as untrusted. Capability inventory: The skill possesses file-read and network-send capabilities via the send file and send text commands. Sanitization: No evidence of validation or sanitization of the retrieved message content before it enters the agent's context.

wacli