korean-transit-route

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and parses live responses from public third‑party services (Kakao geocoding via https://k-skill-proxy.nomadamas.org/v1/kakao-local/geocode and the ODsay routing API https://api.odsay.com/v1/api/searchPubTransPathT) and uses those responses to determine routing, times, and next actions, so untrusted external content can materially influence agent behavior.