linkfox-eureka-claim-translated
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to vendor-owned API endpoints (tool-gateway.linkfox.com and skill-api.linkfox.com) to retrieve patent claim data and submit feedback. These operations are essential for the skill's stated functionality.- [COMMAND_EXECUTION]: The skill uses a local Python script (scripts/eureka_claim_translated.py) to validate parameters and perform API calls.- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes and displays patent claim data from external sources.
- Ingestion points: External patent claim text retrieved via the API endpoint in scripts/eureka_claim_translated.py.
- Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands in retrieved data.
- Capability inventory: Script execution and network access capabilities identified in scripts/eureka_claim_translated.py.
- Sanitization: Absent; no filtering or sanitization of the retrieved claim text is performed before it is displayed to the user.
Audit Metadata