linkfox-ruiguan-patent-design
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE COMMAND_EXECUTION DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the execution of local Python scripts, specifically `scripts/ruiguan_detection_patent_design.py` and `scripts/upload_image.py`, to perform its core operations including API interaction and file handling.
- [DATA_EXFILTRATION]: The script `scripts/upload_image.py` implements a workflow where it reads the content of a local file path provided as an argument and transmits that data to the vendor's domain (`tool-gateway.linkfox.com`). This is the intended functionality to convert local images into the publicly accessible URLs required for analysis by the patent detection service.
- [DATA_EXFILTRATION]: Surface for Indirect Prompt Injection (Category 8):
  - Ingestion points: The skill ingests untrusted data from user-provided fields (`productTitle`, `productDescription`) and from the external Ruiguan API response (`patentProd`, `abstracts`, `specification`).
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard instructions embedded within the processed image descriptions or API results.
  - Capability inventory: The skill has the capability to execute shell commands via Python scripts, read local files, and perform network requests using `urllib.request`.
  - Sanitization: The provided scripts do not show evidence of sanitization or validation of the text content retrieved from the patent database before it is presented to the user.
Audit Metadata