Imsg 1.0.0

Type: OpenClaw Skill Name: imsg-1-0-0 Version: 1.0.0 The skill bundle instructs the agent to install the 'imsg' tool from a third-party Homebrew tap (`steipete/tap/imsg`). The `SKILL.md` documentation explicitly states that the 'imsg' tool requires 'Full Disk Access' and 'Automation permission to control Messages.app' on macOS. Furthermore, it demonstrates the ability to send arbitrary files via iMessage/SMS using the `--file` argument. While these permissions and capabilities are plausibly necessary for the tool's stated purpose, they introduce a significant security risk due to the broad access to the filesystem and the potential for data exfiltration if the 'imsg' binary itself were compromised or misused. The reliance on a third-party binary with such high privileges, even without direct malicious instructions for the agent, warrants a 'suspicious' classification.