MIJ Kakao Local API (PowerShell)

Pass. Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill is classified as suspicious because it relies on `curl.exe` (an external executable) to make API calls and incorporates user-controlled input (the `-Query` parameter) into the command line. The script attempts to mitigate shell injection risk by URL-encoding parameters with `[System.Uri]::EscapeDataString` and hardcoding the API endpoints to Kakao domains, but executing an external binary with user-derived input still presents a potential command injection surface, even with those mitigations. There is no evidence of intentional malicious behavior such as data exfiltration to arbitrary endpoints, persistence mechanisms, or prompt injection attempts in `SKILL.md`. Local file system access is confined to the skill's `data/` directory for legitimate purposes such as configuration and caching.