t1385.3: WhatsApp bot subagent doc (Baileys) #2779
Create .agents/services/communications/whatsapp.md covering:
- Baileys library (TypeScript, MIT, unofficial WhatsApp Web API)
- QR code linking and pairing code authentication
- Multi-device support and session persistence
- Full messaging features (text, media, reactions, polls, status)
- Group management and JID format reference
- Access control patterns (allowlist, rate limiting, permission levels)
- Privacy/security assessment: Signal Protocol E2E for content but extensive Meta metadata harvesting, ToS violation risks, account ban mitigation strategies
- aidevops runner dispatch integration with command router pattern
- Matterbridge bridging via whatsmeow (native WhatsApp support)
- Connection management and health monitoring
- Comparison tables vs SimpleX, Matrix, XMTP, WhatsApp Business API

Closes #2750

- Replace execSync with execFileSync + argument array to eliminate shell injection vulnerability (critical security fix)
- Add setTimeout backoff delays to all reconnect paths to prevent stack overflow on rapid connection failures
- Update package name from @whiskeysockets/baileys to baileys (official unscoped package) and Node.js requirement from 18+ to 20+
- Clarify session store as non-production example, not pluggable built-in
- Update security guidance to recommend execFileSync and JSON IPC patterns
- Fix pairing code example to omit + prefix per JID format spec
- Pin matterbridge install to @latest instead of @master for stability



Summary
Changes from review feedback (PR #2761)
Addresses all CodeRabbit and Gemini review findings:
- baileys package (formerly @whiskeysockets/baileys), clarified session store as file-based example only
- setTimeout(() => startBot(), 3000) prevents stack overflow from rapid recursive calls
- execSync with string interpolation with execFileSync using argument arrays — eliminates all shell metacharacter injection vectors
- execFileSync with argument arrays, prompt-guard-helper.sh scanning, JSON IPC as preferred pattern
- + prefix from pairing code example per Baileys JID format spec
- startBot() reconnections: Use setTimeout throughout (no direct recursive calls)

Rebased
Rebased onto current main to resolve conflicts with #2771 (batch chat platform agents). This branch's version is the comprehensive, reviewed version (966 lines vs 740-line batch version).
Closes #2750