prior-art-hunter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes a local script tools/prior-art-search.py to automate searches. This execution is central to the skill's primary purpose.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) due to its data ingestion workflow. Ingestion points: The skill reads full-text patent data and publications from untrusted external databases including USPTO and Google Patents. Boundary markers: There are no explicit delimiters or instruction-isolation markers provided to help the agent distinguish between search data and its own logic. Capability inventory: The agent has the ability to execute local Python scripts, read invention disclosures, and write analysis reports to the filesystem. Sanitization: No evidence of sanitization, filtering, or validation of the ingested patent text is present in the workflow.
Audit Metadata