Fähigkeiten uspto-database Audit-Verlauf
🔍

Audit-Verlauf

uspto-database - 4 Audits

Audit-Version 4

Neueste Niedriges Risiko

Jan 17, 2026, 07:46 AM

This is a legitimate USPTO API client for patent and trademark research. Static findings are false positives: detected patterns in markdown files are documentation code examples, not executable code. The network+credential access pattern is standard API client behavior for accessing USPTO government services.

9
Gescannte Dateien
2,983
Analysierte Zeilen
2
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🌐 Netzwerkzugriff (2)
scripts/patent_search.py:70 scripts/trademark_client.py:55-56
🔑 Umgebungsvariablen (2)
scripts/patent_search.py:36 scripts/trademark_client.py:36

Audit-Version 3

Niedriges Risiko

Jan 17, 2026, 07:46 AM

This is a legitimate USPTO API client for patent and trademark research. Static findings are false positives: detected patterns in markdown files are documentation code examples, not executable code. The network+credential access pattern is standard API client behavior for accessing USPTO government services.

9
Gescannte Dateien
2,983
Analysierte Zeilen
2
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🌐 Netzwerkzugriff (2)
scripts/patent_search.py:70 scripts/trademark_client.py:55-56
🔑 Umgebungsvariablen (2)
scripts/patent_search.py:36 scripts/trademark_client.py:36

Audit-Version 2

Sicher

Jan 12, 2026, 04:45 PM

The static analyzer flagged 513 issues, but evaluation shows these are almost entirely false positives. The code contains legitimate API clients for USPTO patent/trademark databases using standard HTTP requests and environment variables for API keys. No malicious code execution, credential exfiltration, or other security threats were found.

8
Gescannte Dateien
2,730
Analysierte Zeilen
2
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🌐 Netzwerkzugriff (2)
scripts/patent_search.py:70 scripts/patent_search.py:10
🔑 Umgebungsvariablen (1)
scripts/patent_search.py:36

Audit-Version 1

Niedriges Risiko

Jan 4, 2026, 05:33 PM

This skill contains Python API clients for USPTO services. Network calls are limited to documented USPTO government endpoints. The scripts read USPTO_API_KEY from environment variables and make read-only queries to patent and trademark databases. No credential harvesting, obfuscation, or persistence mechanisms detected.

11
Gescannte Dateien
4,500
Analysierte Zeilen
3
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

⚡ Enthält Skripte (3)
scripts/patent_search.py:1-291 scripts/peds_client.py:1-286 scripts/trademark_client.py:1-312
🌐 Netzwerkzugriff (4)
scripts/patent_search.py:27 scripts/patent_search.py:60-73 scripts/trademark_client.py:26-27 scripts/trademark_client.py:52-61
🔑 Umgebungsvariablen (2)
scripts/patent_search.py:36 scripts/trademark_client.py:36
← Zurück zum Skill