suspicious.env_credential_access
- Location
- index.js:141
- Finding
- Environment variable access combined with network send.
Advisory
Audited by Static analysis on May 10, 2026.
Detected: suspicious.env_credential_access
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A Tencent Cloud key used with this skill can authorize OCR API calls and may incur charges or expose account identity to Tencent Cloud.
The skill needs Tencent Cloud API credentials and can take them from environment variables or parameters. This is expected for the stated Tencent OCR integration, but the registry metadata does not declare required credentials.
    const secretId = process.env.TENCENTCLOUD_SECRET_ID || params.secretId;
    const secretKey = process.env.TENCENTCLOUD_SECRET_KEY || params.secretKey;
Use a dedicated, least-privilege Tencent Cloud key for OCR only, avoid pasting long-lived secrets into normal chat, and monitor usage or billing.
Images or image URLs supplied for OCR are sent to Tencent Cloud for processing.
The skill makes a network request to the documented Tencent Cloud OCR endpoint with the image payload or image URL.
    url: 'https://ocr.tencentcloudapi.com',
    ...
    data: body,
Only use it for images you are comfortable sending to Tencent Cloud, and review Tencent Cloud's retention and privacy terms if the image is sensitive.
A future compatible dependency version could change behavior or inherit upstream vulnerabilities.
The dependency uses a semver range rather than an exact pinned version in the provided artifacts, so the exact axios version may vary when dependencies are installed.
    "dependencies": { "axios": "^1.6.0" }
Prefer an exact dependency pin or lockfile, and install from a trusted package registry/source.