skills/jimmc414/kosmos/uspto-database/Gen Agent Trust Hub

uspto-database

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill retrieves and processes data from external USPTO APIs (patent abstracts, application status descriptions, etc.), which could theoretically contain malicious instructions designed to influence the agent.
      • Ingestion points: scripts/patent_search.py (retrieves patent abstracts and titles), scripts/trademark_client.py (retrieves goods/services descriptions), and scripts/peds_client.py (retrieves transaction descriptions).
      • Boundary markers: Absent. The scripts return data as raw strings or JSON without providing clear delimiters or instructions to the agent to ignore embedded commands.
      • Capability inventory: The skill performs network operations via the requests library to legitimate USPTO and PatentsView endpoints. No local file-writing or system command execution capabilities were identified.
      • Sanitization: Absent. The skill performs standard JSON parsing but does not implement content filtering or sanitization specifically targeting LLM injection patterns.
  • [Unverifiable Dependencies] (LOW): The scripts and documentation recommend installing external Python packages including requests and uspto-opendata-python. While these are standard and well-known libraries for their respective tasks, they are third-party dependencies.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:24 PM