whatsapp-automation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements an AI-powered chatbot that ingests untrusted messages from the WhatsApp API. This creates a surface for indirect prompt injection attacks where malicious users could potentially manipulate the AI's behavior.\n
- Ingestion points: The
n8n-nodes-base.whatsAppTriggernode in the n8n workflow example processes external user messages.\n - Boundary markers: There are no explicit delimiters or boundary markers separating user input from the system instructions in the provided n8n workflow example.\n
- Capability inventory: The skill has access to sensitive tools including
lookup_order,search_products,check_inventory, andcreate_ticket.\n - Sanitization: No sanitization or input validation is performed on the message content prior to processing by the AI model.
Audit Metadata