patent-family-explorer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The skill calls Zhihuiya endpoints at runtime (/api/v1/tools/linkfox/zhihuiya/patentFamily and /api/v1/tools/linkfox/zhihuiya/legalStatus) and then injects the returned family member fields (e.g., pn, doc_number, kind, and any string fields used in chart labels) into the agent’s generated LLM context via the produced JSON/markdown report; since this is outsider-provided free text from an external API, it can carry indirect prompt-injection payloads.