katok

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: katok
Version: 1.0.2

The skill bundle is benign. The `SKILL.md` clearly defines the purpose as macOS KakaoTalk automation using the `katok` CLI tool, explicitly allowing `Bash(katok *)`. There are no instructions for prompt injection, data exfiltration, persistence, or any other malicious activities. The prerequisites mention installing `katok` via `brew` and the KakaoTalk app, but these are described as requirements, not direct instructions for the agent to execute without user context or confirmation. The content aligns with the stated purpose and lacks any high-risk behaviors beyond enabling the described functionality of the `katok` tool.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill may be able to read KakaoTalk contacts/chats/messages and perform actions as the logged-in user.

Why it was flagged

The skill requires macOS Accessibility authority to control the logged-in KakaoTalk app, which can expose private account data and act as the user.

Skill content

Automates KakaoTalk using the macOS Accessibility API... Accessibility permission is required.

Recommendation

Grant Accessibility permission only if you trust the installed katok CLI, consider using a dedicated environment, and revoke the permission when not needed.

What this means

If the agent misunderstands a request or acts too broadly, it could send an unintended KakaoTalk message from the user's account.

Why it was flagged

The allowed tool pattern permits katok command execution, including the documented send operation, without an artifact-level requirement for explicit user confirmation.

Skill content

allowed-tools: Bash(katok *) ... katok send "채팅방 이름" "보낼 메시지"

Recommendation

Require explicit user approval before every send action, and prefer read-only use unless the user clearly names the recipient and exact message.

What this means

The security of the skill depends on an external CLI that was not included in the reviewed artifacts, even though it will receive sensitive local UI/account authority.

Why it was flagged

The actual automation runtime is installed from an external Homebrew tap, while the provided skill has no code files to review.

Skill content

If not installed: `brew install sunghyun-k/tap/katok`

Recommendation

Inspect the Homebrew tap and katok source/release provenance before installing, and avoid granting Accessibility permission to unverified binaries.

What this means

KakaoTalk may open during a task, which is expected for this automation but may surprise users if they did not intend to interact with the app.

Why it was flagged

The skill discloses that the CLI may start KakaoTalk automatically if it is not already running.

Skill content

If KakaoTalk is not running, katok launches it automatically.

Recommendation

Run the skill only when you are comfortable with KakaoTalk opening and being controlled locally.