tm-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md and scripts/tm_search.py) drives tmsearch.uspto.gov via Playwright and calls public endpoints (tmsearch.uspto.gov TSDR API and the RapidAPI uspto-trademark wrapper) and then parses those external, user-submitted/third-party trademark records to decide availability and next actions, so it ingests untrusted public content that can influence agent behavior.