Skills
skills/team-attention/plugins-for-claude-natives/kakaotalk/Gen Agent Trust Hub

kakaotalk

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PRIVILEGE_ESCALATION] (MEDIUM): The skill requires the user to grant 'Accessibility' permissions to the terminal. This is a high-level permission on macOS that allows the agent to observe and control other applications, posing a significant risk if the agent's logic is manipulated.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill reads KakaoTalk messages which are untrusted external inputs. [Ingestion points]: kakao_read.py reads text from the KakaoTalk UI. [Boundary markers]: None present in the instructions. [Capability inventory]: Includes kakao_send.py for sending messages. [Sanitization]: None specified; the agent uses retrieved text directly to contextually draft replies.
  • [COMMAND_EXECUTION] (LOW): The skill executes local Python scripts (kakao_read.py, kakao_send.py) via 'uv run'. The actual code for these scripts was not provided for auditing.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill requires the installation of the 'atomacos' Python package for UI automation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:22 PM