k-skill-korean-ai-tools
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installing several automation packages and CLI tools, such as
k-skill,kakaocli, andhwp.js, from the public npm registry. - [COMMAND_EXECUTION]: Multiple shell commands are utilized for environment configuration and automation tasks, including
k-skill-setup,sops, and various service-specific CLI operations for SRT and HWP conversion. - [CREDENTIALS_UNSAFE]: The skill manages authentication data for train reservations and external API keys. It recommends using environment variables and
sopsencryption for secure storage, which is a positive security practice. - [DATA_EXFILTRATION]: The skill accesses sensitive user information, including KakaoTalk conversation history and train reservation details, to perform automated service tasks.
- [PROMPT_INJECTION]: There is a risk of indirect prompt injection due to the skill's processing of untrusted external data.
- Ingestion points: Processes HWP documents via
HWPProcessorand retrieves live data from sports (KBO) and subway APIs. - Boundary markers: Absent; the skill does not use specific delimiters to isolate processed data from instructions.
- Capability inventory: The agent can send messages, perform reservations, and execute various CLI commands.
- Sanitization: External content is processed without visible validation or sanitization steps in the examples provided.
Audit Metadata