k-research-note

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's workflow explicitly instructs the agent to perform "웹 검색 (web_search)" during AI-assisted section drafting (see SKILL.md Group C: "AI 작성 시: 웹 검색(web_search)으로 관련 정보 조사"), which means the agent will fetch and interpret public third‑party web content as part of its normal workflow and that content could materially influence subsequent draft content and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The scripts perform runtime pip installs (subprocess calls to install "python-docx" and "fpdf2", which will fetch code from PyPI e.g. https://pypi.org/project/python-docx and https://pypi.org/project/fpdf2) so external packages are retrieved and executed at runtime, constituting remote code execution risk.