uspto-database
Pass
Audited by Gen Agent Trust Hub on May 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a standard workflow for accessing United States Patent and Trademark Office (USPTO) records. It uses well-documented, official APIs and includes a boilerplate Python script for search operations.
- [DATA_EXFILTRATION]: The skill interacts with well-known official services such as
search.patentsview.org. It demonstrates best practices by instructing users to store API keys in environment variables rather than hardcoding them in scripts or logs. - [REMOTE_CODE_EXECUTION]: No patterns of downloading and executing untrusted remote code were found. The provided Python script uses the standard
requestslibrary to fetch structured data from official endpoints. - [PROMPT_INJECTION]: The instructions do not contain any patterns attempting to override agent safety guidelines, extract system prompts, or bypass constraints.
- [SAFE]: The skill performs an analysis of an attack surface for indirect prompt injection by identifying that it ingests untrusted data from external APIs. However, since the skill is intended for data-gathering and the processing logic is limited to search and verification, the risk remains low.
Audit Metadata