wacli
Warn
Audited by Snyk on Feb 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs use of commands like "wacli sync --follow" and "wacli messages search ..." which fetch and ingest user-generated WhatsApp chat history (third‑party content) that the agent would read and that could materially influence subsequent actions such as sending messages.
Audit Metadata