Skip to main content

ops-whatsapp-biz

Facilitates business messaging via WhatsApp Business Cloud API, enabling template management and product catalog integration.

Install this skill

or
22/100

Security score

The ops-whatsapp-biz skill was audited on May 29, 2026 and we found 22 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 23

Template literal with variable interpolation in command context

SourceSKILL.md
23```bash
medium line 68

Template literal with variable interpolation in command context

SourceSKILL.md
68```bash
medium line 111

Template literal with variable interpolation in command context

SourceSKILL.md
111```bash
medium line 199

Template literal with variable interpolation in command context

SourceSKILL.md
199```bash
medium line 249

Template literal with variable interpolation in command context

SourceSKILL.md
249```bash
medium line 281

Template literal with variable interpolation in command context

SourceSKILL.md
281```bash
medium line 367

Template literal with variable interpolation in command context

SourceSKILL.md
367```bash
medium line 69

Curl to non-GitHub URL

SourceSKILL.md
69RESULT=$(curl -s "https://graph.facebook.com/v20.0/${WABA_ACCOUNT_ID}/message_templates?fields=name,status,category,language,components&limit=50" \
medium line 127

Curl to non-GitHub URL

SourceSKILL.md
127RESP=$(curl -s -X POST "https://graph.facebook.com/v20.0/${WABA_PHONE_ID}/messages" \
medium line 222

Curl to non-GitHub URL

SourceSKILL.md
222RESP=$(curl -s -X POST "https://graph.facebook.com/v20.0/${WABA_ACCOUNT_ID}/message_templates" \
medium line 256

Curl to non-GitHub URL

SourceSKILL.md
256RESULT=$(curl -s "https://graph.facebook.com/v20.0/${WABA_ACCOUNT_ID}/message_templates?name=${TEMPLATE_NAME_ARG}&fields=name,status,rejected_reason,quality_score" \
medium line 283

Curl to non-GitHub URL

SourceSKILL.md
283CATALOGS=$(curl -s "https://graph.facebook.com/v20.0/${WABA_ACCOUNT_ID}?fields=catalog_id" \
medium line 294

Curl to non-GitHub URL

SourceSKILL.md
294PRODUCTS=$(curl -s "https://graph.facebook.com/v20.0/${CATALOG_ID}/products?fields=id,name,retailer_id,price,availability,url&limit=20" \
medium line 368

Curl to non-GitHub URL

SourceSKILL.md
368TEST=$(curl -s "https://graph.facebook.com/v20.0/${WABA_PHONE_ID}" \
low line 337

Access to hidden dotfiles in home directory

SourceSKILL.md
337grep -h 'WHATSAPP_BUSINESS\|WHATSAPP_PHONE' ~/.zshrc ~/.bashrc ~/.zprofile ~/.envrc 2>/dev/null | grep -v '^#'
low line 69

External URL reference

SourceSKILL.md
69RESULT=$(curl -s "https://graph.facebook.com/v20.0/${WABA_ACCOUNT_ID}/message_templates?fields=name,status,category,language,components&limit=50" \
low line 127

External URL reference

SourceSKILL.md
127RESP=$(curl -s -X POST "https://graph.facebook.com/v20.0/${WABA_PHONE_ID}/messages" \
low line 222

External URL reference

SourceSKILL.md
222RESP=$(curl -s -X POST "https://graph.facebook.com/v20.0/${WABA_ACCOUNT_ID}/message_templates" \
low line 256

External URL reference

SourceSKILL.md
256RESULT=$(curl -s "https://graph.facebook.com/v20.0/${WABA_ACCOUNT_ID}/message_templates?name=${TEMPLATE_NAME_ARG}&fields=name,status,rejected_reason,quality_score" \
low line 283

External URL reference

SourceSKILL.md
283CATALOGS=$(curl -s "https://graph.facebook.com/v20.0/${WABA_ACCOUNT_ID}?fields=catalog_id" \
low line 294

External URL reference

SourceSKILL.md
294PRODUCTS=$(curl -s "https://graph.facebook.com/v20.0/${CATALOG_ID}/products?fields=id,name,retailer_id,price,availability,url&limit=20" \
low line 368

External URL reference

SourceSKILL.md
368TEST=$(curl -s "https://graph.facebook.com/v20.0/${WABA_PHONE_ID}" \
Scanned on May 29, 2026
View Security Dashboard
Installation guide →
GitHub Stars 3.0K
Rate this skill
Categorysales
UpdatedJune 10, 2026
openclawapicustomer-success-managermarketing-analystgrowth-marketersocial-media-managerbusiness-developmentwhatsappsalesmarketing
davepoon/buildwithclaude