Is whatsapp-styling-guide safe?

https://clawhub.ai/skill/whatsapp-styling-guide

95
SAFE

This is a benign, text-only formatting guide that instructs an LLM agent to use WhatsApp-compatible text styling instead of standard Markdown. It contains no executable code, no external URL references, no data access patterns, and no prompt injection attempts. All monitoring signals (canary files, network, filesystem, process execution) are clean.

Category Scores

Prompt Injection 90/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 92/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 88/100 · 5%

Findings (3)

LOW Directive formatting constraints modify agent output behavior -10

The skill uses imperative language like 'NEVER use double asterisks' and 'Do NOT use' headers/tables/horizontal rules. While this is appropriate for a formatting guide, it does alter how the agent produces output by constraining its default Markdown behavior. This is the intended purpose of the skill and is not malicious, but users should be aware that activating this skill will change formatting across all WhatsApp-targeted outputs.

INFO Standard registry network connection during install -8

A single TLS connection to 216.150.1.1:443 was observed during installation. This is the clawhub.ai registry used for skill resolution and download. No unexpected or suspicious network destinations were contacted.

INFO Formatting could aid social engineering if combined with messaging tools -12

The skill's goal of achieving a 'Human-to-Human look' could theoretically make LLM-generated WhatsApp messages appear more natural and less machine-generated. In combination with a WhatsApp-sending tool, this could marginally aid social engineering. However, this is the legitimate purpose of the skill and the risk is negligible in isolation.