naver-land-scouter

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt instructs capturing and reusing browser Authorization: Bearer headers and shows examples of passing cookies/headers directly on the command line or via env vars (e.g., --cookie "NID_SES=..." and exported NAVER_LAND_COOKIES), which requires embedding secret cookie/token values verbatim and thus exposes them through generated commands/outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill autonomously fetches and boots sessions against the public site https://new.land.naver.com (see SKILL.md and session_bootstrap.py / naver_land_client.py) and ingests untrusted user-generated listing/article payloads (article detail/list APIs) which are parsed and used to drive follow-up API calls and produce recommendations, so third‑party content can materially influence behavior.