Zhihuiya Patent Image Search

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it sends patent-search inputs and automatic feedback data to LinkFox without a clear user consent step.

Install only if you are comfortable sharing image URLs, patent-search filters, and possibly feedback summaries with LinkFox/Zhihuiya. Use a dedicated LinkFox API key, avoid private or authenticated image URLs, and do not use the skill for confidential unpublished designs unless the user explicitly accepts that external processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Vague Triggers

Medium (93% confidence)

The activation text is intentionally broad, triggering even when the user does not mention Zhihuiya or patent image search directly, including general infringement-risk requests. That can cause the agent to route sensitive user queries and images to this third-party workflow unexpectedly, increasing the chance of over-collection and misrouting.

Missing User Warnings

Medium (96% confidence)

The skill states that it calls an external LinkFox gateway API using user-provided image URLs and search parameters, but it does not require a clear disclosure or consent step before sending that data to a third party. For patent-risk checks, images may contain confidential product designs or trade-sensitive information, so silent transmission meaningfully raises privacy and confidentiality risk.

Missing User Warnings

Medium (93% confidence)

The skill documentation instructs sending a user-supplied image URL and an API key to third-party endpoints, but it provides no user-facing notice, consent flow, or data-handling constraints. Because image URLs can reveal sensitive product designs, internal assets, or authenticated resource locations, this creates a real privacy and data-governance risk even if the API call itself is expected functionality.

Missing User Warnings

Medium (89% confidence)

The script transmits a user-supplied image URL and related search parameters to an external API endpoint, but it does not explicitly warn the user at runtime that their data will leave the local environment. In a patent-search context, uploaded image URLs may reveal confidential product designs, infringement investigations, or other sensitive business intent, so silent transmission creates a real privacy and data-governance risk even if the behavior is functionally expected.

Ssd 3

Medium (90% confidence)

The display rules instruct the agent to include complete patent details, every patent image, abstract, description, and specification for each result without minimization. This can cause unnecessary disclosure, excessive data handling, and oversized outputs, especially when only a summary or top matches are needed for the user's task.

VirusTotal

62/62 vendors flagged this skill as clean.
