intercity-bus-booking

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill programmatically fetches and parses live pages from the public Tmoney site (https://intercitybus.tmoney.co.kr) as part of its core workflow (see SKILL.md and scripts/intercity_bus_search.py), and those third-party HTML responses are interpreted to drive seat-selection, holds, and subsequent POST actions—meeting the criteria for untrusted third-party content that can influence agent behavior.