← Back to Skills Marketplace
mrhanson

whatsapp-monitor

by MrHanson · GitHub ↗ · v0.0.1 · MIT-0
cross-platform ⚠ suspicious
114
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install whatsapp-monitor
Description
Monitor specified WhatsApp chats for keywords in real time and batch export matched messages to Feishu multi-dimensional tables with optional alerts.
Usage Guidance
Things to consider before installing or running this skill: - Credentials handling: The skill expects Feishu credentials (app_id, app_secret, table tokens) but asks you to place them in config/feishu-settings.json (plain JSON), which may be stored under the skill directory or your home directory. Avoid committing that file to git; set secure file permissions and prefer using a secret store or environment variables if you can. - Inspect whatsapp_client.py and omitted files: The WhatsApp client interacts with WhatsApp Web and may automate a browser or rely on an OpenClaw channel; review those files for any network endpoints or unexpected outbound connections beyond Feishu’s API (open.feishu.cn). - Principle of least privilege: Create a Feishu app/token with only the table permissions you need, rotate tokens after testing, and restrict IPs or tenant access if possible. - Test in isolation: Run in a sandbox or non-production account first. The test scripts attempt to write configs and data under the skill directory; confirm file locations and permissions before adding real credentials. - Legal/privacy: Monitoring WhatsApp conversations may capture private or sensitive data. Ensure you have consent and comply with local laws and company policies before monitoring chats. - Deployment hygiene: The skill’s metadata does not declare required env vars; if you deploy this inside OpenClaw, explicitly configure env paths and secret storage in OpenClaw rather than leaving secrets in repo files. Consider adding .gitignore entries for config/feishu-settings.json or move secrets to environment variables or a secret manager. - If you are not comfortable auditing the network and whatsapp_client implementation, treat this skill as higher risk and avoid installing it in privileged environments.
Capability Analysis
Type: OpenClaw Skill Name: whatsapp-monitor Version: 0.0.1 The 'whatsapp-monitor' skill is a legitimate automation tool designed to monitor WhatsApp messages for specific keywords and export them to Feishu (Lark) multi-dimensional tables. The codebase is well-structured, transparent, and follows its stated purpose across files like `scripts/monitor.py`, `scripts/whatsapp_client.py`, and `scripts/feishu_client.py`. It uses the OpenClaw Gateway (localhost:18789) and the official Feishu API (open.feishu.cn) without any evidence of data exfiltration to unauthorized domains, obfuscation, or malicious execution patterns. The inclusion of a `.gitignore` in `load_skill.py` to protect local data and logs further indicates a focus on security best practices.
Capability Assessment
Purpose & Capability
The skill's name/description (WhatsApp → Feishu monitoring) aligns with the included scripts (whatsapp_client.py, feishu_client.py, monitor.py, message_processor.py, etc.). However, the skill metadata declares no required credentials or env vars while the runtime expects Feishu credentials (app_id/app_secret/table tokens) and an OpenClaw WhatsApp channel/device pairing. Expectation: credentials are required for operation, but they are only requested via local config files, not via declared env vars.
Instruction Scope
Runtime instructions explicitly direct the user/agent to pair WhatsApp Web, read or create local config files, store Feishu App ID/Secret and table tokens in config/feishu-settings.json, and persist matched messages under data/. The instructions also reference multiple lookup locations (skill dir, env-specified dir, user home), and offer optional alert channels (email/SMS/webhooks). Storing secrets in plain JSON and searching user home without enforcing safe permission practices is scope-creep that increases exposure beyond the stated monitoring task.
Install Mechanism
No remote binary downloads or archive extraction are used. install_deps.sh and run scripts install Python packages via pip from PyPI and run bundled tests. This is standard for Python projects; the install mechanism is proportional to the task.
Credentials
The code expects sensitive credentials (Feishu app_id/app_secret/table tokens and optionally a tenant_access_token) but the skill metadata lists no required environment variables or primary credential. Instead secrets are placed into config/feishu-settings.json. That mismatch (no declared required creds vs. actual runtime secrets) and the default behavior of writing configs into the skill or user-home paths (and the lack of enforced secure permissions) is disproportionate and raises accidental-exposure risk.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills or system-wide settings; it creates local config/data/log directories and writes files under the skill directory. Autonomous invocation is allowed by default (normal for skills) but not by itself a reason to classify as malicious.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install whatsapp-monitor
  3. After installation, invoke the skill by name or use /whatsapp-monitor
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.0.1
whatsapp-monitor 0.0.1 - Initial release of WhatsApp message monitoring skill. - Monitors specified WhatsApp chats or groups in real-time for keyword hits. - Aggregates and exports filtered messages to a Feishu (Lark) multi-dimensional table on a schedule. - Supports keyword filtering, batch collection, scheduled exports, and optional immediate alerts for high-priority keywords. - Includes setup guides, sample configuration files, and troubleshooting steps.
Metadata
Slug whatsapp-monitor
Version 0.0.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is whatsapp-monitor?

Monitor specified WhatsApp chats for keywords in real time and batch export matched messages to Feishu multi-dimensional tables with optional alerts. It is an AI Agent Skill for Claude Code / OpenClaw, with 114 downloads so far.

How do I install whatsapp-monitor?

Run "/install whatsapp-monitor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is whatsapp-monitor free?

Yes, whatsapp-monitor is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does whatsapp-monitor support?

whatsapp-monitor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created whatsapp-monitor?

It is built and maintained by MrHanson (@mrhanson); the current version is v0.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments