Paddleocr Doc Parsing Radeon

Security checks across malware telemetry and agentic risk

Overview

This is a coherent cloud document-parsing skill, but users should understand that selected documents are sent to the configured OCR endpoint.

Install only if you are comfortable sending selected documents or fetched URLs to the configured PaddleOCR/Radeon Cloud endpoint. Use a trusted endpoint, prefer HTTPS, and avoid submitting confidential documents unless you understand that service's retention and logging practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 95%
Finding
The markdown emphasizes that no API key is used and that no temporary files are created, but it does not prominently warn that document contents are uploaded to a third-party remote cloud endpoint. In this context, the skill processes potentially sensitive PDFs, invoices, financial reports, and scanned documents, so omission of a clear privacy warning increases the risk of unintended disclosure of confidential data.

Missing User Warnings

Medium
Confidence: 95%
Finding
The library sends base64-encoded document contents to a configurable remote endpoint via `client.post(api_url, json=params, headers=headers)`, and the code itself provides no user-facing consent, warning, or policy enforcement around exfiltration of potentially sensitive documents. In a document-parsing skill, users may submit invoices, financial reports, scans, or other confidential files, so silent transmission to an external service is a real privacy and data-handling risk, especially because the endpoint may be plain HTTP if configured that way.

VirusTotal

66/66 vendors flagged this skill as clean.
