linkfox-zhihuiya-patent-forward-citation

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and install an auxiliary onboarding skill from a vendor-controlled URL (https://agent-files.linkfox.com/skills/linkfox-onboarding/release.zip) if local configuration is missing. This is a vendor-provided resource used for environment setup.\n- [COMMAND_EXECUTION]: Executes the local Python script scripts/zhihuiya_cited_references.py to process patent data and manage API interactions.\n- [DATA_EXFILTRATION]: Performs network requests to vendor APIs at tool-gateway.linkfox.com and skill-api.linkfox.com to retrieve patent information and submit feedback. These endpoints are owned by the skill vendor.\n- [CREDENTIALS_UNSAFE]: The skill reads API credentials from the LINKFOX_AGENT_API_KEY and LINKFOXAGENT_API_KEY environment variables, which is a standard method for managing secrets in agent environments.\n- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and processing data from an external patent database.\n
  • Ingestion points: User-provided patent identifiers and citation data retrieved from the Zhihuiya API processed by the Python script.\n
  • Boundary markers: Data is structured in JSON and presented in tables, but there are no explicit delimiters or instructions to ignore embedded commands in the external data.\n
  • Capability inventory: The skill can execute Python scripts, write data files to the project directory, and perform network requests.\n
  • Sanitization: No evidence of sanitization or filtering of the content returned from the external patent database was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:09 AM