fsc-corporate-info

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches data from an external proxy hosted at k-skill-proxy.nomadamas.org. This is a vendor-owned domain used to bridge requests to the South Korean Public Data Portal's corporate information services.
  • [DATA_EXFILTRATION]: User-supplied inputs, specifically corporate names and business registration numbers, are sent to the vendor's proxy service. This data transmission is limited to the search parameters required for the skill's intended functionality and does not involve the exposure of sensitive local credentials or files.
  • [PROMPT_INJECTION]: The skill exhibits an indirect ingestion surface through the processing of external API data.
  • Ingestion points: External corporate records are retrieved in scripts/fsc_corporate_info.py via HTTP GET requests.
  • Boundary markers: The script outputs data as structured JSON, though it does not provide explicit boundary instructions for the consuming agent.
  • Capability inventory: Analysis of scripts/fsc_corporate_info.py confirms no presence of dangerous capabilities such as file system modifications, subprocess execution, or dynamic code evaluation.
  • Sanitization: The skill employs standard JSON parsing and input validation for business registration numbers to ensure data integrity.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 04:43 AM
Security Audit — agent-trust-hub — fsc-corporate-info