ClawHub

Iflytek Pdf Image Ocr

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform OCR as advertised, but it may upload local PDFs, images, or document URLs to iFlytek without clear user consent or privacy disclosure.

Review carefully before installing. Use it only for documents you are comfortable sending to iFlytek or another third-party OCR service, avoid sensitive IDs, contracts, medical, financial, or credential-containing files unless you have reviewed the provider’s handling terms, and prefer a local OCR option or an explicit confirmation workflow for private documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README documents OCR functionality but does not clearly disclose that local image/PDF contents are transmitted to a third-party cloud service for processing. This can cause users to unknowingly send sensitive documents, IDs, contracts, or screenshots off-host, creating privacy, compliance, and data-handling risk even if the network transmission is part of the intended feature.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The invocation description is broad enough that the skill may trigger on routine OCR- or document-related requests without sufficiently specific user intent. In this skill's context, accidental invocation is more dangerous because it can cause local files or document URLs to be sent to a third-party OCR provider.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill description explains OCR features but does not clearly warn that images, PDFs, and supplied document URLs are transmitted to iFlytek's third-party service for processing. This omission creates a meaningful privacy and data-handling risk, especially if users provide sensitive documents assuming local-only processing.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script sends the full image contents to a third-party OCR service, but the user-facing flow only prints a generic progress message and does not explicitly warn that potentially sensitive local file contents will leave the system. In an agent skill context, users may assume OCR is local, so this creates a real privacy and data-handling risk for documents containing PII, credentials, contracts, or medical information.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The code uploads a local PDF file or forwards a user-supplied PDF URL to iFlytek's external OCR API, which can expose document contents and metadata to a third party. In a skill intended for OCR this data transfer is expected, but the implementation provides no explicit user-facing consent, privacy warning, or controls to prevent accidental disclosure of sensitive documents.

External Transmission

Medium
Category
Data Exfiltration
Content
auth_url = self._generate_auth_url()

        # Send request
        response = requests.post(
            auth_url,
            json=request_data,
            headers={"Content-Type": "application/json"},
Confidence
89% confidence
Finding
requests.post( auth_url, json=

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal