invention-structuring
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a structured workflow for patent invention decomposition. It processes user-provided descriptions and existing project files (e.g., invention briefs, prior art reports) to generate a formal disclosure document. No evidence of data exfiltration, malicious command execution, or credential exposure was found.
- [SAFE]: Potential Indirect Prompt Injection Surface:
- Ingestion points: The skill ingests untrusted data from the
$ARGUMENTSvariable and various local files includingpatent/INVENTION_BRIEF.md,patent/PRIOR_ART_REPORT.md, andpatent/NOVELTY_ASSESSMENT.md. - Boundary markers: The skill does not explicitly use boundary markers or "ignore embedded instructions" delimiters when interpolating data into its workflow.
- Capability inventory: The skill has access to file system operations (
Read,Write,Edit), shell commands (Bash), and an external model tool (mcp__codex__codex). However, these tools are only used for intended document generation and validation purposes. - Sanitization: There is no explicit sanitization or validation of the input content beyond its structural processing.
- [SAFE]: Use of External Validation: The skill uses a cross-model validation step (
mcp__codex__codex) to review the structured output. This is a legitimate quality assurance step in the context of patent drafting and does not involve downloading or executing untrusted code.
Audit Metadata