openclaw-whatsapp

Fail

Audited by Socket on Feb 26, 2026

1 alert found:

Malware (HIGH)
SKILL.md

The skill aims to provide a WhatsApp bridge for OpenClaw with message sending, auto-replies, and context-aware processing. The capability set is broadly coherent with the stated purpose, but several risk signals exist: (1) a download-execute pattern from a raw GitHub URL for installation, which is a significant supply-chain risk; (2) reliance on multiple local scripts and a locally exposed QR pairing endpoint, which could be abused if host/network controls are weak; (3) persistence of message and session data on disk increases data-at-rest exposure if the host is compromised; (4) prompts and allowlists enable user-driven behavior that could leak context or be misused if logs are exposed. Overall, the footprint is suspicious to high-risk for supply-chain and data-flow concerns, but not clearly malicious as delivered. Treat as SUSPICIOUS with high risk due to the external install pattern and data-flow surface; ensure trusted sources, pinning of versions, and strict access controls to local resources.

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 26, 2026, 04:19 PM
Package URL: pkg:socket/skills-sh/openclaw%2Fskills%2Fopenclaw-whatsapp%2F@fc026ec82b848a1599b15e109586e9626e5aae19