Skill v1.0.2

ClawScan security

CamScanner-Image2Office · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 30, 2026, 9:07 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, required tools, and network calls are consistent with its stated purpose of uploading an image to CamScanner, converting it, and downloading the result — the main risk is that user files are sent to a third‑party service.
Guidance
This skill behaves as an API wrapper: it uploads your image to ai-tools.camscanner.com, asks the service to convert it, and downloads the output. Before using it, consider: (1) Do not upload sensitive or regulated data (PII, financial, health) unless you trust the service and have confirmed its retention policy and terms; the SKILL.md claims files are not permanently stored but that cannot be independently verified here. (2) Verify the remote domain (ai-tools.camscanner.com) and TLS certificate are legitimate and that this matches the official CamScanner service you expect. (3) Test with non-sensitive images first. (4) If you need on‑device or offline conversion for privacy reasons, this skill is not appropriate. Overall the skill is internally consistent with its stated purpose but carries the expected privacy tradeoffs of a cloud OCR/conversion service.

Review Dimensions

Purpose & Capability
ok: Name and description (image → Word/Excel conversion) match the runtime instructions. Requiring curl and jq is appropriate for the provided shell-based API examples; no unrelated binaries or credentials are requested.
Instruction Scope
note: SKILL.md explicitly uploads a local image, calls convert, and downloads the resulting file to a local path — all scoped to the stated conversion task. It does instruct the agent to send user files to a remote host (ai-tools.camscanner.com); this is expected behaviour but is a privacy consideration the user should be aware of.
Install Mechanism
ok: Instruction-only skill with no install steps or code files. Nothing is written to disk by an install process; runtime uses curl/jq already present on the system.
Credentials
ok: No environment variables, credentials, or config paths are requested. The skill does not attempt to access unrelated secrets or system configuration.
Persistence & Privilege
ok: always is false and the skill does not request persistent/system-level privileges or modify other skills/configs. Autonomous invocation is allowed (platform default) but not combined with other elevated privileges.