opendart-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly downloads public filings and the master corp-code ZIP from the OpenDART API (base URL https://engopendart.fss.or.kr/engapi) — see SKILL.md and scripts/opendart_client.py (get_corp_codes, search_filings, download_document, poll_new_filings, monitor_companies) — and it automatically reads/parses those third‑party filings and invokes callbacks or uses their fields to drive follow-on requests and actions, so untrusted public content can influence agent behavior.