Skills
skills/devxoul/agent-messenger/agent-kakaotalk/Gen Agent Trust Hub

agent-kakaotalk

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the agent-kakaotalk CLI (distributed via the agent-messenger npm package) to interact with KakaoTalk. It executes shell commands to list chats, send messages, and manage authentication.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it reads external chat messages from KakaoTalk which are then processed by the agent.
  • Ingestion points: The message list command fetches message history from external KakaoTalk chat rooms into the agent's context.
  • Boundary markers: There are no explicit instructions for the agent to use delimiters or sanitization when processing message content.
  • Capability inventory: The agent can execute Bash commands and use all sub-commands of the agent-kakaotalk tool, including sending messages and listing accounts.
  • Sanitization: No input validation or escaping of message content is mentioned in the provided instructions or shell scripts.
  • [DATA_EXPOSURE]: The skill manages session tokens and account metadata in ~/.config/agent-messenger/kakaotalk-credentials.json and a persistent memory file ~/.config/agent-messenger/MEMORY.md. The credentials file is handled with restricted (0600) file permissions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 02:08 AM