ClawHub

DeepRead OCR

v1.1.0

AI-native OCR platform that turns documents into high-accuracy data in minutes. Using multi-model consensus, DeepRead achieves 97%+ accuracy and flags only u...

7· 4.8k·12 current·13 all-time
byDeepRead.tech@uday390
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (OCR extraction, structured data, HIL) match the declared requirements and examples. The only required credential is DEEPREAD_API_KEY, which is appropriate for a hosted OCR API.
Instruction Scope
SKILL.md instructs the agent to upload files to https://api.deepread.tech and to poll or receive webhook callbacks. It only references DEEPREAD_API_KEY and user-supplied webhook URLs; there are no instructions to read unrelated system files, environment variables, or send data to unexpected endpoints.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is written to disk or downloaded during install. This is the lowest-risk pattern for a connector skill.
Credentials
Only one required environment variable (DEEPREAD_API_KEY) is declared and used in the instructions. No unrelated secrets or system config paths are requested.
Persistence & Privilege
always is false and disable-model-invocation is true (skill cannot autonomously invoke the model), so the skill does not request elevated persistent privileges or autonomous model access. It does not attempt to modify other skills or system-wide configs.
Assessment
This skill appears coherent for calling a third‑party OCR API, but before installing: (1) Only set DEEPREAD_API_KEY as an environment variable — do not hardcode keys into configs. (2) Review the sensitivity of documents you will upload; OCR sends document contents to DeepRead's servers. (3) If you use webhook callbacks, ensure webhook endpoints are under your control and validate incoming requests (e.g., signature or shared secret) to avoid accepting forged payloads. (4) Confirm DeepRead's security/retention policies (encryption, retention period, access controls) and rotate API keys if needed. (5) Test with non-sensitive sample documents first and limit the API key scope/usage where possible.

Like a lobster shell, security has layers — review code before you run it.

latestvk979ygaayvheczj7aswgqqsemx83zcjr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvDEEPREAD_API_KEY
Primary envDEEPREAD_API_KEY

Comments