Well, considering where we are now, that 3rd party programs can read the EQ client's memory and send commands, or even inject data into it, it's a huge risk. I don't know the full story on how people are accessing PoK on TLP's before PoP opens, but it means they are doing more than sending mouse/keyboard commands to the client. So DPG has to be very careful about the line between what the client can be trusted to handle, even if it would help performance. AFAIK when you hit a social, those actions are taken by the client. It doesn't send the social to the server, as the social isn't even saved server side to begin with. Your client executes the social commands, just like if you were clicking single commands one by one. That's safe, and just as safe as having the server do it, because in the end the client can only do things you could do, and the server will only allow things it expects you to be able to do. So while a potential exploiter could probably implement a much more effective macro/social/mash-key using a 3rd party program, it couldn't do anything the client couldn't already do if it was coded perfectly. The server is the gate-keeper, but even now it's not the perfect gate-keeper, because there are warp hacks and such. If they blur that line too much, the potential for exploiting becomes much greater, and that's a big risk.