v2 WIP
As a responsable person you should not trust blindly anything you come accross online. This project is open source so anyone can audit its code and check that there is no outside connection or data dumps being made to any untrusted server. You can and should check the code which is using a Puppeeter instance which actions are confined to the WhatsApp Web app. You can also double check by running this package over a dummy WhatsApp account and spoofing all network calls being made. They should match all the calls WhatsApp Web App uses in their page and not one more.
This are known endpoints used by WhatsApp web app:
https://web.whatsapp.com/wss://w7.web.whatsapp.com/https://dyn.web.whatsapp.com/
At no moment should you trust a project like this without auditing its code. A puppeetter instance is an actual browser with access to all the data on the WhatsApp account, the same data you would have access if you login right now in your local browser.
Also, as responsable person and developer, the use of the code in this repository is your and only your responsability. The intend of this project is to automate some task that involves sending WhatsApp messages automatically. In no case, the author is reponsable for your intentions, implementations or any damage that might outcome from the use of the code, including WhatsApp terminating your account for any violation of their TOS.