observe-whatsapp
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests and processes untrusted external data from WhatsApp messages and API logs.
  - Ingestion points: Untrusted data enters the agent context through the outputs of scripts/messages.js, scripts/message-details.js, and scripts/webhook-deliveries.js.
  - Boundary markers: The documentation does not specify the use of delimiters or instructions to ignore embedded commands within the retrieved message data.
  - Capability inventory: The skill can execute local Node.js scripts and perform network operations via the Kapso API.
  - Sanitization: No evidence of sanitization or escaping of the ingested message content is provided in the skill instructions.
- [COMMAND_EXECUTION]: The skill's core functionality relies on executing multiple local Node.js scripts (e.g., messages.js, overview.js) via the command line.
- [EXTERNAL_DOWNLOADS]: The setup instructions include running npm i, which fetches necessary dependencies from the well-known npm registry.
Audit Metadata