Health Insurance Review and Assessment Service (HIRA) Hospital Search
Pass
Audited by VirusTotal on May 11, 2026.
Findings (1)
The skill bundle is classified as suspicious due to a critical shell injection vulnerability found in `scripts/hospital_search.sh`. The `HOSP_NAME` parameter is directly interpolated into a single-quoted Python string within a `python3 -c` command without proper escaping, allowing an attacker to inject arbitrary shell commands by crafting a malicious `HOSP_NAME` value. This constitutes a Remote Code Execution (RCE) vulnerability. Other files are largely benign, though `scripts/hospital.sh` contains a functional bug where a shell variable is not expanded within an embedded Python script.
