patents-search

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Flags: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE] (MEDIUM): The skill setup flow requires the user to pass their API key as a command-line argument (scripts/search setup <api-key>). This practice can expose sensitive credentials in shell history files and the system's process list.
  • [COMMAND_EXECUTION] (MEDIUM): The documentation suggests locating and executing the skill's script using dynamic path resolution (PATENTS_SCRIPT=$(find ...); $PATENTS_SCRIPT). Executing files from paths determined dynamically at runtime is a risky pattern that could be exploited if the filesystem environment is compromised.
  • [DATA_EXFILTRATION] (LOW): User queries and API keys are sent to api.valyu.ai, which is not on the trusted domain whitelist. While this is the skill's primary purpose, it involves sending intellectual property queries to a third-party service.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8).
    1. Ingestion points: Untrusted patent claims and descriptions are retrieved from an external API.
    2. Boundary markers: None are used to distinguish patent content from system instructions.
    3. Capability inventory: The agent can execute shell commands.
    4. Sanitization: No sanitization or filtering of external data is performed before processing.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 05:15 PM