naver-land-scouter

Fail

Audited by Snyk on Mar 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The prompt includes examples and options that inject headers/cookies via command-line (e.g., --cookie "NID_SES=..."), which encourages embedding secret/session tokens verbatim into generated commands, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill directly fetches data from the public site https://new.land.naver.com (see DEFAULT_BASE_URL in scripts/naver_land_client.py and the API flows documented in SKILL.md and references/api_endpoints.md), ingests untrusted public listing fields (e.g., article/listing descriptions via fetch_article_detail/fetch_articles_by_complex in scripts/naver_land_repository.py) and then reads/uses those fields in services and report generation (scripts/services/* and report_formatter.py) to compute recommendations and outputs, so third-party content can materially influence decisions and actions.

Issues (2)

W007 (HIGH): Insecure credential handling detected in skill instructions.

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: HIGH
Analyzed: Mar 15, 2026, 02:01 AM
Issues: 2