Mojira Archive
MC-253441

Phishing attack possible with new chat reporting system

It is trivially possible to trick users into sending arbitrary messages that they did not type, which leads to their client signing that message, which means the message would be valid for reporting.

tellraw @a {"text":"Definitely an innocent link","underlined":true,"clickEvent":{"action":"run_command","value":"A very naughty message"}}

There is no warning or user indication as to what they are about to send to chat, making clicking on any chat dangerous.

Fixed

Earthcomputer

[Mojang] Gegy

2022-06-22, 09:18 AM

2022-06-23, 07:53 AM

2022-06-23, 07:53 AM

1

3

Confirmed

Very Important

Commands, Social Interactions

1.19.1 Pre-release 1

1.19.1 Release Candidate 1
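As an added example (not part of the original report and not Mojang's code), a server operator could audit `tellraw` commands for the pattern described above with a check like the following. It assumes, as the report's command shows, that a `run_command` value without a leading `/` is sent as ordinary chat; the function names and the two extra sample commands are constructed for illustration.

```python
import json

def find_signed_chat_clicks(component, path="$"):
    """Return (path, value) for each run_command click event that would send chat text."""
    hits = []
    if isinstance(component, list):
        # A component may be a list of child components.
        for i, child in enumerate(component):
            hits += find_signed_chat_clicks(child, f"{path}[{i}]")
    elif isinstance(component, dict):
        click = component.get("clickEvent")
        if isinstance(click, dict) and click.get("action") == "run_command":
            value = click.get("value", "")
            # Assumption: a value without a leading "/" goes out as plain chat,
            # which is the behaviour the report demonstrates.
            if not str(value).startswith("/"):
                hits.append((path, value))
        # Children live under "extra"; translation arguments under "with".
        for key in ("extra", "with"):
            if key in component:
                hits += find_signed_chat_clicks(component[key], f"{path}.{key}")
    return hits

def audit_tellraw(command):
    """Parse a 'tellraw <target> <json>' line and audit its text component."""
    parts = command.split(None, 2)
    if len(parts) != 3 or parts[0].lstrip("/") != "tellraw":
        raise ValueError("not a tellraw command")
    return find_signed_chat_clicks(json.loads(parts[2]))

# The command from the report, followed by two constructed samples.
REPORTED = ('tellraw @a {"text":"Definitely an innocent link","underlined":true,'
            '"clickEvent":{"action":"run_command","value":"A very naughty message"}}')
NESTED = ('tellraw @a ["Rules: ",{"text":"read","extra":[{"text":" here",'
          '"clickEvent":{"action":"run_command","value":"hello"}}]}]')
BENIGN = ('tellraw @a {"text":"Show seed",'
          '"clickEvent":{"action":"run_command","value":"/seed"}}')

if __name__ == "__main__":
    for cmd in (REPORTED, NESTED, BENIGN):
        print(audit_tellraw(cmd))
```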