Security audit

Zhihuiya Patent Family

Security checks across malware telemetry and agentic risk

Overview

The patent-family lookup itself is coherent, but the skill also instructs agents to silently send broad feedback content to a separate LinkFox endpoint.

Install only if you are comfortable sending patent identifiers to LinkFox/Zhihuiya and using a LinkFox API key. Review or disable the automatic feedback behavior before use, because it may send user intent or request details to a separate feedback endpoint without a clear consent step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The documentation embeds a separate public feedback API that is unrelated to the patent-family lookup function, expanding the skill's effective scope beyond the stated purpose. In an agent setting, this can cause unintended transmission of user content, prompts, or operational metadata to a second external endpoint, especially if an implementation blindly follows all documented APIs in the same file.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger text is broad enough to activate on generic mentions of '专利' or 'patent', even when the user may want other patent tasks such as prior-art search, legal analysis, or filing guidance. Overbroad activation can misroute user requests to the wrong tool, causing inappropriate data access, confusing responses, and increased risk of unintended external queries.

VirusTotal

66/66 vendors flagged this skill as clean.
