Skill v1.0.1

ClawScan security

CCY OCR Local · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 18, 2026, 3:31 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill is a self-contained, local Tesseract-based OCR utility that does not request credentials or external network access and is coherent with its description, though part of the main script was truncated in the review so confidence is not maximal.
Guidance
This skill appears to be a straightforward local OCR wrapper around Tesseract and optional OpenCV. Before installing/use:

1) Ensure you have Tesseract (and needed language data like chi_sim) installed locally; the script invokes the tesseract binary via subprocess.
2) Be aware outputs and manifest files will record file paths and the resolved tesseract executable path (useful for debugging but may reveal local paths).
3) The code runs external binaries (tesseract) and processes files you point it at; avoid pointing it to sensitive system directories.
4) I could not see the very end of scripts/local_ocr.py in the provided bundle (truncated); if you want maximum assurance, review the remainder of that file to confirm there are no unexpected network calls or data-sending behaviors.
5) For added safety when trying it out, run in a sandbox or on non-sensitive images.

Review Dimensions

Purpose & Capability
ok · The name/description (local offline OCR) matches the included scripts. The code calls Tesseract via pytesseract, optionally uses OpenCV, processes local image files, and provides JSON/TSV/text outputs; none of the required env vars, binaries, or files are unrelated to OCR.

Instruction Scope
ok · SKILL.md instructs running scripts in-place and passing local image paths. The scripts operate on local files, detect/verify Tesseract, preprocess images, run OCR, and write local outputs and manifests. There are no instructions to read unrelated system state, collect extra secrets, or transmit data to remote endpoints.

Install Mechanism
ok · There is no install spec (instruction-only deployment), and the code relies on system-installed Python packages and the Tesseract binary. No external download/extract steps are present in the repository.

Credentials
ok · The skill does not request credentials or secret environment variables. It optionally reads TESSERACT_CMD and standard ProgramFiles env vars to locate tesseract, which is appropriate for locating the OCR binary. Output manifests include input paths and the resolved tesseract path (expected for diagnostics).

Persistence & Privilege
ok · The skill is not always-enabled, does not request persistent privileges, and does not modify other skills or global agent configuration. It runs as a normal local script invoked by the agent/user.