chinese-patent
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill fetches the '@next-ai-drawio/mcp-server@0.1.15' package via npx to provide diagramming capabilities. This is a versioned dependency used for the core functionality of the skill.- [COMMAND_EXECUTION]: The skill uses Python's 'subprocess' module in 'scripts/html_to_docx.py' to call 'pandoc' for document conversion. It also utilizes 'playwright' in 'scripts/html_to_pdf.py' for rendering PDF documents. These tools are well-known services used locally for the skill's primary purpose.- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user-provided patent specifications and diagram descriptions for auditing and visual extraction.
- Ingestion points: Patent drafts in 'SKILL.md' (audit/review) and text/image data in 'drawio/SKILL.md' (diagram extraction).
- Boundary markers: No explicit delimiters or ignore-embedded-instruction warnings are specified in the provided prompts.
- Capability inventory: Subprocess execution of 'pandoc', file write access for generated documents (PDF, Docx, PNG), and MCP session management.
- Sanitization: The skill includes specific validation and escaping for math labels in 'drawio/src/math/index.js' to prevent HTML injection into rendered diagrams.
Audit Metadata