imsg

Fail

Audited by Socket on Feb 27, 2026

1 alert found:

Malware (HIGH)
SKILL.md

The imsg CLI's described functionality is legitimate for managing Messages from the terminal but inherently high-risk: it requires macOS Full Disk Access (for reading messages/attachments) and Automation permission to control Messages.app (for sending). Those privileges enable realistic exfiltration and impersonation paths if an attacker or automated agent can execute the CLI. I find no evidence in the provided fragment of explicit malicious code, obfuscation, hard-coded credentials, or remote attacker-controlled network interactions; the risk arises from the powerful capabilities and required system permissions. Recommended controls: run under a dedicated, least-privileged Apple ID; restrict who/what can execute the CLI (avoid running from untrusted automation agents); require explicit interactive confirmation or out-of-band approvals before sending; enable logging/monitoring of send activity; and limit Full Disk Access to trusted processes only. Treat this package as a moderate-to-high security risk in automated or shared environments.

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At: Feb 27, 2026, 06:47 PM
Package URL: pkg:socket/skills-sh/joelhooks%2Fjoelclaw%2Fimsg%2F@daa460c3843d332e2221b53c7816088f9d6cc037