wacli
Warn
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the 'wacli' binary from a non-trusted third-party GitHub repository (github.com/steipete/wacli) using Homebrew or Go.
- [COMMAND_EXECUTION]: Executes system commands to interact with WhatsApp services, including sending messages, file attachments, and managing synchronization.
- [DATA_EXFILTRATION]: Accesses sensitive private information including WhatsApp message history, contact lists, and stores authentication credentials locally in '~/.wacli'.
Audit Metadata