The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The skill correctly manages authentication by using an environment variable (LINKFOXAGENT_API_KEY) for the API key, following security best practices to avoid hardcoding secrets.
[DATA_EXFILTRATION]: Network activity is restricted to the vendor's API endpoints at tool-gateway.linkfox.com and skill-api.linkfox.com for retrieving patent data and submitting usage feedback. No unauthorized access to local sensitive files or data exfiltration patterns were observed.
[PROMPT_INJECTION]: The skill ingests external data (patent abstracts) from a remote API, creating a surface for indirect prompt injection. 1. Ingestion points: API responses processed in eureka_abstract_translated.py. 2. Boundary markers: Results are contained within structured table displays as per SKILL.md. 3. Capability inventory: The skill is limited to text display and lacks file system or command execution privileges. 4. Sanitization: Not explicitly implemented in the provided scripts. Given the lack of dangerous capabilities, the risk of exploitation is negligible.

linkfox-eureka-abstract-translated