patent-claim-analyzer
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Credential handling follows security best practices. The skill retrieves its API keys and proxy configuration from environment variables (NEXSCOPE_API_KEY and NEXSCOPE_PROXY_BASE) rather than hardcoding sensitive information.
- [SAFE]: External communication is restricted to the vendor-owned patent data API (Zhihuiya), which is essential for the skill's documented functionality.
- [SAFE]: File system access is limited to reading local configuration files and writing visualization charts (PNGs) to a user-provided directory, with no unauthorized access to sensitive system paths.
- [SAFE]: Subprocess execution is correctly scoped to running the skill's internal Python scripts for data analysis and reporting.
- [SAFE]: No patterns of obfuscation, persistent access, or prompt injection were detected. The skill processes external patent claim data using structured regex parsing to minimize theoretical indirect injection risks.
Audit Metadata