tm-search

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The provided script scripts/tm_search.py and instructions in SKILL.md utilize the Playwright library to automate browser interactions. This involves launching and controlling a Chromium browser instance to bypass web application firewalls on the USPTO website.
  • [EXTERNAL_DOWNLOADS]: The skill instructions and scripts require the installation of external dependencies, specifically the playwright and requests Python packages, as well as the execution of playwright install chromium to download the necessary browser binaries.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes unvalidated data from external sources (the USPTO website and RapidAPI). Maliciously crafted trademark data (e.g., in the 'status' or 'owner' fields) could potentially influence the agent's behavior when the results are displayed.
      • Ingestion points: Data is fetched in scripts/tm_search.py via requests (from the TSDR API) and playwright (from the search UI).
      • Boundary markers: No explicit delimiters or instruction-override guards are used when interpolating external data into the agent's output.
      • Capability inventory: The script performs network requests and controls a browser process.
      • Sanitization: There is no significant sanitization or filtering of the retrieved data before it is presented to the user.
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 05:47 AM