Skills
skills/junghoonghae/skills/openkakao-cli/Gen Agent Trust Hub

openkakao-cli

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the 'openkakao-rs' CLI to perform messaging tasks and includes a --hook-cmd flag that allows the execution of arbitrary shell commands in response to incoming message events.\n- [EXTERNAL_DOWNLOADS]: Installs the 'openkakao-rs' binary from the author's official Homebrew tap (JungHoonGhae/openkakao).\n- [DATA_EXFILTRATION]: Provides functionality to send real-time chat data to external endpoints via the --webhook-url flag, which can be used to transmit message content outside the local environment.\n- [CREDENTIALS_UNSAFE]: Includes commands like login --save designed to extract authentication tokens from the local KakaoTalk application's Cache.db file for session management.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted chat data from the KakaoTalk platform.\n
  • Ingestion points: Incoming chat messages are ingested via the watch and loco-read commands as described in SKILL.md.\n
  • Boundary markers: Absent; the instructions do not provide delimiters or warnings to ignore instructions embedded in chat content.\n
  • Capability inventory: The skill can execute local commands via --hook-cmd and perform network operations via --webhook-url.\n
  • Sanitization: Absent; no validation or cleaning of ingested message content is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 11:59 PM