Skills
skills/robthepcguy/claude-patent-creator/bigquery-patent-search/Gen Agent Trust Hub

bigquery-patent-search

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates access to the 'patents-public-data.patents' dataset on Google BigQuery, a well-known and official public service provided by Google Cloud.
  • [COMMAND_EXECUTION]: Utilizes the Bash tool for standard development workflows, including Google Cloud SDK authentication (gcloud auth application-default login) and execution of local Python scripts to query the BigQuery API.
  • [PROMPT_INJECTION]: Contains an indirect prompt injection surface as it ingests and displays patent titles, abstracts, and claims from external databases.
  • Ingestion points: Data retrieved from the patents-public-data.patents BigQuery dataset through the search_patents, search_by_cpc, and get_patent methods.
  • Boundary markers: None explicitly defined in the provided instruction snippets to separate retrieved patent text from agent instructions.
  • Capability inventory: The skill has access to Bash, Read, and Write tools, which could be targeted if malicious instructions were successfully injected via patent metadata.
  • Sanitization: The provided documentation does not show explicit sanitization or filtering of the retrieved patent text before presentation.
  • [CREDENTIALS_UNSAFE]: Appropriately handles sensitive configuration by instructing users to use environment variables (GOOGLE_CLOUD_PROJECT) and standard application default credentials rather than hardcoding secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 06:32 PM