Wati
UnverifiedREPOjairajmehra/wati_whatsapp_mcp
C
Catalogue entry updated 5 days ago
Auth postureNot probedno remote endpoint probed yet
Tools111 Execute · 6 Write · 4 Read
Worst categoryExecutegrade tracks the peak, not the average
Capability mix
Execute 1Write 6Read 4
What it can reach
Ingests untrusted inputTouches secretsReaches networkRuns codeTouches filesChanges permissionsSends external commsPersistsDeletes dataMoves money
Exfiltration pathReads content an attacker can plant and can send data outward — a prompt-injection-to-exfiltration route.
Tools 11
send_template_messages_from_csvadd_contactsend_file_to_opened_sessionsend_message_to_opened_sessionsend_template_message
Change history
No changes recorded since first scan. Watched servers surface a diff within the hour.
Recommended policy
send_template_messages_from_csvrequire approval
add_contactrate limit
Read-only toolsallow
Full policy breakdown with enforcement rules →