wacli
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides installation instructions for the
waclitool using Homebrew (steipete/tap/wacli) or the Go package manager (github.com/steipete/wacli/cmd/wacli@latest), which fetches code from a third-party GitHub repository. - [COMMAND_EXECUTION]: The skill utilizes the
wacliCLI to perform various operations including account authentication, message synchronization, and sending text or file attachments. - [DATA_EXPOSURE]: The skill is designed to interact with sensitive messaging data, including contact lists and chat history. It also has the capability to read local files when a user requests to send them via WhatsApp.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data from WhatsApp messages which could contain adversarial instructions.
- Ingestion points: WhatsApp message search results and history backfill (SKILL.md).
- Boundary markers: The instructions explicitly mandate confirmation of the recipient and message text before the agent proceeds.
- Capability inventory: File system read access and network messaging via the
wacliCLI. - Sanitization: The skill relies on human-in-the-loop verification to mitigate risks from untrusted message content.
Audit Metadata