ClawHub
Back to skill
v1.0.4

GLM-OCR-Formula

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:35 AM.

Analysis

This skill is coherent for formula OCR, but it requires a ZhiPu API key and sends chosen images or PDFs to the external GLM-OCR API.

GuidanceThis appears safe to use for its stated purpose if you are comfortable providing a ZhiPu API key and sending the selected image or PDF content to the GLM-OCR API. Avoid using it on confidential documents unless that external processing is acceptable.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
SeverityLowConfidenceHighStatusNote
SKILL.md
ONLY use GLM-OCR API ... NEVER offer alternatives ... IF API fails — Display the error message and STOP immediately

The skill strongly constrains the agent to use this specific OCR API and not attempt fallback extraction methods. This is disclosed and aligned with an API-specific OCR skill, but it affects how the agent handles failures or alternatives.

User impactIf the API fails or is unavailable, the agent may stop instead of trying another OCR or vision method.
RecommendationUse this skill when you specifically want GLM-OCR processing; if you want alternatives or local processing, tell the agent explicitly before using another tool.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
scripts/glm_ocr_cli.py
api_key = _get_env("ZHIPU_API_KEY") ... headers = {"Authorization": f"Bearer {api_key}"

The script uses a ZhiPu API key as a bearer credential for the official API request. This is expected for the service integration and there is no evidence of hardcoding, logging, or sending the key to an unrelated endpoint.

User impactThe configured API key may authorize OCR API usage and could incur account usage or billing with the provider.
RecommendationStore the API key securely, use the least-privileged key available, and rotate it if you suspect exposure.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityMediumConfidenceHighStatusNote
scripts/glm_ocr_cli.py
data = path.read_bytes(); b64 = base64.b64encode(data) ... requests.post(api_url, json=payload, headers=headers

For local files, the script reads the selected file, base64-encodes it, and submits it to the external GLM-OCR API endpoint. This is central to the skill's purpose and disclosed, but it means file contents leave the local environment.

User impactImages or PDFs you ask the skill to process may be sent to ZhiPu's API, so confidential documents could be exposed to that provider.
RecommendationOnly use the skill on files you are comfortable sending to the ZhiPu service, and review the provider's data handling terms for sensitive material.