naver-shopping-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly calls a public Naver shopping BFF JSON endpoint (ns-portal.shopping.naver.com/api/v2/shopping-paged-slot?query=...) via the no-key fallback and ingests the returned items to select and rank product candidates, so untrusted third-party content from the open web is read and used to drive the agent's decisions.