ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

patent-invalid-search

v1.0.0

Perform patent invalidation analysis by verifying inputs, extracting and comparing technical features, searching prior art, evaluating evidence, and generati...

0· 138·0 current·0 all-time
by@chaochaosz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (patent invalidation search and analysis) match the SKILL.md steps: verify filing date, extract technical features, search prior art, compare features, and produce a report. The requested operations (web searching Google Patents, other patent DBs, structuring features) are proportionate to the declared purpose.
Instruction Scope
Instructions stay within patent-invalidation work: they describe input verification, structured feature extraction, search strategies (Google Patents, Espacenet, Lens, national DBs), and report generation. Two minor open-ended items: (1) guidance to 'make reasonable inferences and supplements' gives the agent discretionary inference authority over ambiguous user inputs, and (2) 'generate Word-format report' implies file output but no details are provided about where/how files are stored. These are not incoherent but users should be aware the agent will be allowed to infer missing technical details and may produce downloadable artifacts.
Install Mechanism
No install spec and no code files — instruction-only. There is nothing to be written to disk by an installer and no external downloads or package installs are requested.
Credentials
The skill requests no environment variables, no credentials, and no config paths. All external access described is to public patent search sites (e.g., patents.google.com), which is appropriate for the task.
Persistence & Privilege
always is false, user-invocable is true, and the skill does not request persistent system-level configuration or access to other skills' settings. Autonomous invocation is enabled by platform default but not combined with other red flags.
Assessment
This skill is internally consistent and appears to do what it says: extract technical features, search public patent databases, and prepare an invalidation analysis. Before installing/using it: (1) confirm your agent's browser/remote-search capability ('browser_use' or equivalent) is allowed and you understand what external sites the agent will visit; (2) do not paste confidential or privileged technical or business secrets into the conversation — the workflow expects public prior-art searching and may infer missing details; (3) treat outputs as preliminary technical/legal analysis (not legal advice) and verify citations, filing/priority dates, and report contents with independent searches or a qualified patent attorney; (4) note the included disclaimer and promotional reference to Patsnap (commercial product link) — this is marketing content, not required credentials. If you want stronger guarantees, ask for the skill to explicitly state where generated files are saved and to avoid making substantive inferences without explicit user approval.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f607krvekhfhc1qkywqx24d8346sh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments