patent-search
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs patent searches using a legitimate and official government API (KIPRIS). It handles API authentication by prompting the user to provide a key, which is then stored in a local environment file (moai-credentials.env) for persistent use. This is a standard and secure implementation for managing user-specific credentials.
- [SAFE]: The skill retrieves and processes external data from the KIPRIS Plus API. This creates an attack surface for indirect prompt injection from patent titles or summaries; however, the risk is assessed as safe because the data source is a trusted government entity and the skill's capabilities are limited to searching and summarizing records.
- Ingestion points: XML-formatted patent and bibliography data from http://plus.kipris.or.kr/openapi/rest/.
- Boundary markers: Not present in the provided instructions.
- Capability inventory: Network operations (WebFetch) and result parsing. No scripts, subprocess executions, or system-level modifications are present.
- Sanitization: No explicit sanitization or filtering of the API-returned text is mentioned in the workflow.
Audit Metadata