wacli
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs the 'wacli' binary from the 'steipete/wacli' GitHub repository via 'go install' or a Homebrew tap. This is an external dependency required for the skill's operation.\n- [COMMAND_EXECUTION]: Executes system commands using the 'wacli' CLI to manage WhatsApp communications, including authentication and message management.\n- [DATA_EXFILTRATION]: Provides functionality to send local files to external WhatsApp contacts via the 'wacli send file' command, which acts as a data transfer vector.\n- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection through external WhatsApp data.\n
- Ingestion points: Message history, search results, and backfill operations (SKILL.md).\n
- Boundary markers: Absent; there are no delimiters or warnings to ignore instructions in processed messages.\n
- Capability inventory: Execution of 'wacli' commands for sending text and files (SKILL.md).\n
- Sanitization: No evidence of validation or sanitization of incoming message content.
Audit Metadata