naver-land-scouter
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external data from real estate listings.
- Ingestion points: External data is ingested via API calls in
scripts/naver_land_repository.pyand processed in various services. - Boundary markers: While the output uses Markdown code blocks and
<details>tags for structure, it lacks explicit instructions to ignore natural language commands embedded in the retrieved text. - Capability inventory: The skill is restricted to making network requests and formatting reports; no execution or file-system modification capabilities were found.
- Sanitization: The skill uses Pydantic for structural validation, but does not perform content-based sanitization for potential injection attacks in text fields.
Audit Metadata