public-restroom-nearby

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads the official public_restroom_info CSV from file.localdata.go.kr and queries Kakao Map endpoints (m.map.kakao.com and place-api.map.kakao.com) to resolve anchors and coordinates, and those third‑party responses are read and used to choose nearby results and next actions—so external, public web content can materially influence the agent's decisions.