arithmetic-orc

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Tencent Cloud math-OCR skill, with privacy and dependency hygiene caveats but no artifact-backed malicious behavior.

Install only if you are comfortable sending math images or image URLs to Tencent Cloud for OCR. Use a dedicated least-privilege Tencent Cloud OCR key, prefer platform secret storage over passing keys in normal parameters, and pin or update axios to a vetted patched version before deployment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 93%
Finding: The skill transmits user-supplied image content or image URLs to Tencent Cloud OCR, which is a third-party service, without any in-code indication of user notice or consent flow. This creates a privacy and data-handling risk because users may provide sensitive images and not realize they are being sent off-platform for processing.

Missing User Warnings

Medium
Confidence: 94%
Finding: The skill declares network access for remote image processing but does not disclose to users that uploaded images or image URLs may be transmitted to an external third-party API. Because images of schoolwork can contain personal information, this creates a real privacy and data-handling risk through insufficient transparency and consent rather than an overt code exploit.

Unpinned Dependencies

Low
Category: Supply Chain
Content:
  "description": "腾讯云算式识别 Skill for OpenClaw",
  "main": "index.js",
  "dependencies": {
    "axios": "^1.6.0"
  },
  "author": "yuejian chen",
  "license": "MIT"
Confidence: 86%
Finding: "axios": "^1.6.0"

Known Vulnerable Dependency: axios==1.6.0 — 10 advisory(ies): CVE-2025-62718 (Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF); CVE-2026-42044 (Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `pars); CVE-2026-25639 (Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig) +7 more

High
Category: Supply Chain
Confidence: 97%
Finding: axios==1.6.0

VirusTotal

65/65 vendors flagged this skill as clean.
