whapi
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill describes a bot architecture that ingests untrusted data from WhatsApp messages, identifying a surface for indirect prompt injection.
- Ingestion points: Incoming webhook payloads containing user-supplied text and metadata ('references/recv-webhooks.md', 'references/pattern-bot.md').
- Boundary markers: None specified in the provided instructions or code examples.
- Capability inventory: The 'whapi-mcp' server provides 165 tools for messaging and account management ('SKILL.md').
- Sanitization: No explicit sanitization or validation of input message content is described in the integration patterns.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for the download of the 'whapi-mcp' package from the npm registry for setup. Evidence: 'npx -y whapi-mcp@latest' in 'references/core-mcp-setup.md'.
- [REMOTE_CODE_EXECUTION]: The documentation describes the execution of the vendor's MCP server through the npx utility as part of the setup process. Evidence: 'references/core-mcp-setup.md'.
- [COMMAND_EXECUTION]: The skill includes shell command examples for API configuration and server execution using curl and npx. Evidence: 'references/core-mcp-setup.md' and 'references/recv-webhooks.md'.
Audit Metadata