Professional Patent Agents

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a purpose-aligned patent drafting and conversion skill, but it may send invention details to search services and run local document-conversion tools.

Before installing, decide whether you are comfortable sharing invention details with search providers, install conversion dependencies from trusted sources, run the converter as a non-root user, and verify patent/legal recommendations with a qualified professional. Review any omitted continuous-learning files before using the skill with confidential IP.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI07: Insecure Inter-Agent Communication
Medium
What this means

Unfiled invention details or trade secrets could be exposed to third-party search services during normal use.

Why it was flagged

Prior-art research is central to the skill, but it may transmit patent keywords or invention details to external search providers or websites.

Skill content

Step 2: Multi-channel Search ... Tavily ... AMiner ... Google Patents ... GitHub ... Tech blogs

Recommendation

Use only information you are comfortable sending to search providers, or ask the agent to confirm and minimize search queries before performing external searches.

ASI05: Unexpected Code Execution
Medium
What this means

Converting documents can execute local conversion tools and a browser-based renderer, which is riskier if run as root or on untrusted Markdown diagrams.

Why it was flagged

The converter runs local binaries to render Mermaid diagrams, and when run as root it disables Chromium sandboxing. This is disclosed and purpose-aligned, but it affects local execution safety.

Skill content

cmd = ['mmdc', '-i', mmd_path, '-o', output_path, ...]; ... "args": ["--no-sandbox", "--disable-setuid-sandbox"]; result = subprocess.run(cmd, ...)

Recommendation

Run the converter as a non-root user, preferably in an isolated workspace, and avoid converting untrusted Markdown content.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Installing global or system packages can affect the local machine and depends on the trustworthiness of package sources.

Why it was flagged

The skill relies on user-installed system, npm, and Python packages. These setup steps are expected for document conversion but introduce normal package provenance and environment-change risk.

Skill content

sudo apt install pandoc ... npm install -g @mermaid-js/mermaid-cli ... pip install python-docx

Recommendation

Install dependencies from official repositories, avoid unnecessary sudo use, and consider using a virtual environment or container.

ASI09: Human-Agent Trust Exploitation
Low
What this means

Users may rely too heavily on generated patent strategy, grant-rate predictions, or abandon/file recommendations.

Why it was flagged

The agent persona uses strong professional authority and success-rate claims, which may encourage users to over-trust legal or filing recommendations.

Skill content

a senior patent attorney ... filed 500+ patents with a 92% grant rate

Recommendation

Treat outputs as drafting and research assistance; have a qualified patent professional review important filings and business decisions.