wacli

SUSPICIOUS. The declared WhatsApp purpose is plausible, but the skill’s actual footprint is mainly a transitive install of community code with weak provenance: inconsistent installer branding, unverifiable LadybugDB status, no pinning or integrity info, and indications the underlying tool is maintained from a personal repo. There is no direct evidence of credential theft in this fragment, but install trust and opaque downstream behavior make the skill high risk.