linkfox-eureka-patent-image-search
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes patent information from an external API, which could potentially contain malicious instructions.
- Ingestion points: External patent metadata (titles, abstracts) is ingested through the Eureka API endpoint in
scripts/eureka_patent_image_search.py. - Boundary markers: No explicit delimiters or instructions to disregard embedded content are used when presenting search results to the agent in
SKILL.md. - Capability inventory: The skill utilizes network access and executes a Python script to perform searches and provides feedback via a dedicated API.
- Sanitization: The skill does not perform validation or sanitization on the text content returned from the patent database before it is processed by the agent.
Audit Metadata