Histórico de Auditoria
uspto-database - 4 auditorias
Versão da auditoria 4
Mais recente Baixo RiscoJan 17, 2026, 07:46 AM
This is a legitimate USPTO API client for patent and trademark research. Static findings are false positives: detected patterns in markdown files are documentation code examples, not executable code. The network+credential access pattern is standard API client behavior for accessing USPTO government services.
Fatores de risco
🌐 Acesso à rede (2)
🔑 Variáveis de ambiente (2)
Versão da auditoria 3
Baixo RiscoJan 17, 2026, 07:46 AM
This is a legitimate USPTO API client for patent and trademark research. Static findings are false positives: detected patterns in markdown files are documentation code examples, not executable code. The network+credential access pattern is standard API client behavior for accessing USPTO government services.
Fatores de risco
🌐 Acesso à rede (2)
🔑 Variáveis de ambiente (2)
Versão da auditoria 2
SeguroJan 12, 2026, 04:45 PM
The static analyzer flagged 513 issues, but evaluation shows these are almost entirely false positives. The code contains legitimate API clients for USPTO patent/trademark databases using standard HTTP requests and environment variables for API keys. No malicious code execution, credential exfiltration, or other security threats were found.
Fatores de risco
🌐 Acesso à rede (2)
🔑 Variáveis de ambiente (1)
Versão da auditoria 1
Baixo RiscoJan 4, 2026, 05:33 PM
This skill contains Python API clients for USPTO services. Network calls are limited to documented USPTO government endpoints. The scripts read USPTO_API_KEY from environment variables and make read-only queries to patent and trademark databases. No credential harvesting, obfuscation, or persistence mechanisms detected.