Safety
How to verify WhatsApp MCP for macOS
This page is here so users, security reviewers, and browser protection systems can quickly see what the project does and what it does not do.
Independent project
WhatsApp MCP for macOS is not affiliated with, endorsed by, or sponsored by WhatsApp LLC or Meta Platforms. The name describes interoperability with the WhatsApp desktop app.
No credential collection
The server never asks for your WhatsApp password, QR code, Meta credentials, payment details, browser cookies, session files, or recovery codes.
Local-only operation
The MCP server runs as a local stdio process on your Mac. It uses macOS Accessibility APIs to read and operate the WhatsApp desktop window that is already signed in.
Revocable permission
The only system permission involved is Accessibility for the host app that launches the MCP server. You can revoke it any time in System Settings.
Public install command
The install command is public. You do not need to enter an email address to install or inspect the project.
npm install -g whatsapp-mcp-macos{
"mcpServers": {
"whatsapp": {
"command": "whatsapp-mcp-macos",
"transport": "stdio"
}
}
}Source and package verification
- Source code: github.com/m13v/whatsapp-mcp-macos
- npm package name:
whatsapp-mcp-macos - Privacy details: /privacy
Use it responsibly
This is a personal automation tool for your own signed-in desktop app. Do not use it for unsolicited bulk messaging, impersonation, or bypassing WhatsApp or Meta policies.