g2b-order-plan-search
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The Python script performs HTTP GET requests to fetch data from the author's proxy domain (
k-skill-proxy.nomadamas.org). This is the primary function of the skill and utilizes standard library modules (urllib). As the domain is associated with the vendor 'NomaDamas', this is considered a legitimate vendor resource. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by delegating API key management (
DATA_GO_KR_API_KEY) to a proxy server. This ensures that sensitive credentials for the Public Data Portal are not stored in the skill code or required from the end-user. - [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The network operations are limited to sending search parameters to a defined API endpoint.
- [PROMPT_INJECTION]: The instructions in
SKILL.mdare purely instructional and do not contain any patterns typical of prompt injection or behavior override attempts.
Audit Metadata