Skills
skills/nomadamas/k-skill/seoul-density/Gen Agent Trust Hub

seoul-density

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches real-time data from the vendor's proxy endpoint at https://k-skill-proxy.nomadamas.org. This is used to provide the skill's primary functionality by accessing the Seoul Open Data API.\n- [COMMAND_EXECUTION]: Implements a single-entrypoint CLI script. Analysis of scripts/seoul_density.py shows it uses safe practices for input handling and does not invoke external shell commands or arbitrary code.\n- [PROMPT_INJECTION]: As the skill ingests data from an external API, it possesses an indirect prompt injection surface. Malicious content within the API response could potentially attempt to influence the agent.\n
  • Ingestion points: API response data processed in scripts/seoul_density.py via fetch_density_via_proxy.\n
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the output.\n
  • Capability inventory: The skill is limited to performing network GET requests to the specified proxy URL.\n
  • Sanitization: The script parses structured JSON data but does not perform sanitization on string fields displayed to the user.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 04:06 PM