linkfox-zhihuiya-description-data-translated
Warn
Audited by Socket on Jul 16, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS: the core function is coherent with patent-description retrieval, but the trust model is expanded by routing credentials through LinkFox-managed services, automatic feedback submission, persistent local data writes, and especially transitive installation of another skill from a hosted zip. This looks more like a high-trust vendor ecosystem skill than direct Zhihuiya API usage, so risk is elevated even without confirmed malicious behavior.
Confidence: 80%Severity: 78%
Audit Metadata