seoul-subway-arrival
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
sops exec-envto runcurlcommands, ensuring that theSEOUL_OPEN_API_KEYis securely injected into the environment for the specific task and not exposed in plaintext or shell history. It also references a localcheck-setup.shscript for validating the environment. - [EXTERNAL_DOWNLOADS]: Retrieves transit information from
swopenAPI.seoul.go.kr, the official and well-known government endpoint for Seoul's public data. - [CREDENTIALS_UNSAFE]: Enforces secure handling of sensitive data by requiring local encryption of API keys and providing clear instructions to users to avoid pasting plaintext secrets into the chat interface.
Audit Metadata