wacli

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides installation instructions for the wacli tool using Homebrew (steipete/tap/wacli) or the Go package manager (github.com/steipete/wacli/cmd/wacli@latest), which fetches code from a third-party GitHub repository.
  • [COMMAND_EXECUTION]: The skill utilizes the wacli CLI to perform various operations including account authentication, message synchronization, and sending text or file attachments.
  • [DATA_EXPOSURE]: The skill is designed to interact with sensitive messaging data, including contact lists and chat history. It also has the capability to read local files when a user requests to send them via WhatsApp.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data from WhatsApp messages which could contain adversarial instructions.
  • Ingestion points: WhatsApp message search results and history backfill (SKILL.md).
  • Boundary markers: The instructions explicitly mandate confirmation of the recipient and message text before the agent proceeds.
  • Capability inventory: File system read access and network messaging via the wacli CLI.
  • Sanitization: The skill relies on human-in-the-loop verification to mitigate risks from untrusted message content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — wacli