Openclaw Whatsapp 2026.5.26.Tgz

Security checks across malware telemetry and agentic risk

Overview

This is an official OpenClaw WhatsApp channel plugin. Its sensitive access is consistent with linking and operating a WhatsApp account, but users should understand that it processes, and may locally retain, message content and media.

Install only if you intend OpenClaw to link to a WhatsApp account and process messages for that account. Prefer a dedicated WhatsApp number, keep DM/group policies restrictive, limit who can read OpenClaw logs and media storage, and review retention practices for saved attachments and auth files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 77%
Finding: The QA driver session subscribes to inbound `messages.upsert` events, stores normalized message contents in memory, and exposes them through `getObservedMessages()` and `waitForMessage()`. This amounts to a message interception capability that can expose private WhatsApp content to any caller with access to this API; no access control, data minimization, or consent mechanism is visible in this file.

Missing User Warnings

Medium
Confidence: 91%
Finding: This code logs inbound WhatsApp message content, sender metadata, and local media paths to application logs. Because chat messages and attachment paths can contain sensitive personal, operational, or secret data, logging them creates a secondary data store that may be accessible to operators, support staff, log shippers, or other systems beyond the original messaging context.

Missing User Warnings

Medium
Confidence: 88%
Finding: The code automatically downloads inbound and quoted media from WhatsApp and persists it to local storage. Even with a size limit, this creates privacy and data-handling risk: attachments may contain sensitive content, malware-laden documents, or regulated data that is retained locally without the consent, minimization, or lifecycle controls visible in this file.

VirusTotal

56/56 vendors flagged this plugin as clean.