CamScanner-Image2Markdown

Security checks across malware telemetry and agentic risk

Overview

This skill performs the advertised OCR conversion, but its instructions may upload any image to CamScanner by default rather than only when the user explicitly requests OCR.

Install only if users understand that images may be sent to CamScanner's servers for processing. Avoid using it on sensitive personal, legal, medical, financial, proprietary, or regulated images unless the user explicitly approves that upload. Prefer a local OCR workflow when images must remain private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill metadata says it should be used whenever a user's input contains images, which creates an overly broad auto-invocation rule. That can cause unintended transmission of user-supplied images to a third-party OCR service even when OCR is unnecessary, increasing privacy and data-exposure risk.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The usage guidance repeats that any input containing images should be converted first, reinforcing automatic processing of all images by an external service. In context, this is dangerous because the skill itself discloses that files are sent to CamScanner servers, so broad triggering directly expands third-party data exposure.

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Third-party OCR service endpoint used by the skill
BASE="https://ai-tools.camscanner.com"

# Uploads the raw image bytes to CamScanner and extracts the returned file_id;
# this is the point at which the image leaves the local host
IN_FILE_ID=$(curl -sS -X POST "$BASE/v1/tools/upload_file/execute" \
  -H "Content-Type: application/octet-stream" \
  --data-binary "@/path/to/image.png" | jq -r '.tool_result.data.file_id')
```
Confidence
95% confidence
Finding
`curl -sS -X POST "$BASE/v1/tools/upload_file/execute" -H "Content-Type: application/octet-stream" --data-binary`

VirusTotal

66/66 vendors flagged this skill as clean.
