registry  /  @arooong/kakao-cli  /  0.1.0

@arooong/kakao-cli@0.1.0

Terminal (CUI) KakaoTalk client built with ink (React for CLI)

AI Security Review

scanned 4h ago · by lpm-firewall-ai

The package ships an intentionally obfuscated CLI that can authenticate to KakaoTalk and store local credentials when used in live mode. The risk is auditability and credential-handling exposure, not confirmed install-time malware.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User runs kakao-cli, especially with --live or KAKAO_BACKEND=live
Impact
May connect to Kakao services and store/read login credentials locally; no confirmed theft or unauthorized install-time execution.
Mechanism
obfuscated KakaoTalk LOCO client with local auth persistence
Rationale
Static inspection found substantial obfuscation and sensitive network/auth/file primitives, but they are activated by an explicit CLI and align with the documented KakaoTalk client behavior. With no lifecycle hook, no confirmed external exfiltration endpoint, and no destructive or persistence chain, this should warn rather than block.
Evidence
package.jsondist/cli.jsREADME.mdTHIRD_PARTY_NOTICES.mdauth.json.device-uuid

Decision evidence

public snapshot
AI called this Suspicious at 78.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • dist/cli.js is a 1.9 MB single-line javascript-obfuscator-style bundle with string-array/control-flow decoding.
  • package.json exposes the obfuscated bundle as the kakao-cli bin entrypoint.
  • dist/cli.js contains process.env, fetch, net/tls, file read/write/unlink, and require-proxy primitives.
  • README documents live QR login, Kakao LOCO protocol use, and local credential storage in auth.json/.device-uuid.
Evidence against
  • package.json declares no preinstall/install/postinstall lifecycle hooks.
  • Execution is user-invoked via kakao-cli; default mode is documented as mock, with live mode selected by --live or KAKAO_BACKEND.
  • README and notices align network/auth behavior with an unofficial KakaoTalk terminal client.
  • No decoded non-Kakao exfiltration endpoint, destructive action, persistence, or AI-agent control-surface mutation was confirmed from package files.
Behavioral surface
Source
EnvironmentVarsNetwork
Supply chain
MinifiedObfuscatedProtestwareTelemetryTrivial
Manifest
NoLicense
scanned 1 file(s), 1.83 MB of source

Source & flagged code

2 flagged · loading source
dist/cli.jsView file
1#!/usr/bin/env node L2: var _0x5ae362=_0x5d48;(function(_0x3d875c,_0x5b5d90){var _0x1bcff5=_0x5d48,_0x37b86b=_0x3d875c();while(!![]){try{var _0x593a32=parseInt(_0x1bcff5(0x15a5))/0x1+-parseInt(_0x1bcff5(0...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/cli.jsView on unpkg · L1
1#!/usr/bin/env node L2: var _0x5ae362=_0x5d48;(function(_0x3d875c,_0x5b5d90){var _0x1bcff5=_0x5d48,_0x37b86b=_0x3d875c();while(!![]){try{var _0x593a32=parseInt(_0x1bcff5(0x15a5))/0x1+-parseInt(_0x1bcff5(0...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/cli.jsView on unpkg · L1

Findings

1 Critical3 High3 Medium3 Low
CriticalProtestware
HighSame File Env Network Executiondist/cli.js
HighObfuscated Payload Loaderdist/cli.js
HighObfuscated
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowTelemetry
LowNo License