Skills
skills/nomadamas/k-skill/korean-transit-route/Gen Agent Trust Hub

korean-transit-route

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches geocoding information from k-skill-proxy.nomadamas.org, which is a resource associated with the skill's author. It also communicates with api.odsay.com to retrieve transit data as part of its primary functionality.
  • [COMMAND_EXECUTION]: Uses shell commands to load environment variables from ~/.config/k-skill/secrets.env and perform transit queries via curl. These operations are limited to the intended logic of the transit routing task.
  • [DATA_EXFILTRATION]: Accesses the local file path ~/.config/k-skill/secrets.env to load the ODSAY_API_KEY. This is a documented method for secure local credential management and does not involve exfiltrating sensitive data to unauthorized external domains.
  • [PROMPT_INJECTION]: The skill does not contain instructions that attempt to override agent safety protocols or bypass constraints.
  • [DATA_EXPOSURE]: Implements input sanitization using urllib.parse.quote when handling user-provided address strings to prevent URL-based injection attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 08:30 AM