ClawHub
Back to skill
v1.0.4

GLM-OCR-Handwriting

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:35 AM.

Analysis

This OCR skill is coherent and transparent, but it sends user-selected images or PDFs to ZhiPu's GLM-OCR API using your API key.

GuidanceBefore installing, make sure you are comfortable configuring a ZhiPu API key and sending the images or PDFs you OCR to ZhiPu's GLM-OCR service. Avoid using it on highly sensitive documents unless that provider relationship is acceptable to you.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
SeverityLowConfidenceHighStatusNote
SKILL.md
ONLY use GLM-OCR API ... NEVER parse handwriting yourself ... NEVER offer alternatives ... NO fallback methods

The skill gives strong control instructions that force the GLM-OCR workflow and prohibit fallback methods. This appears intended to keep OCR behavior consistent, but it also limits the agent from suggesting local or alternative approaches.

User impactWhen this skill is used, the agent may stop instead of trying another OCR method if the API fails or is unavailable.
RecommendationInstall this skill if you specifically want GLM-OCR-based handwriting recognition; use another skill or workflow if you need local OCR or provider alternatives.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceMediumStatusNote
scripts/glm_ocr_cli.py
"Error: 'requests' is required. Please install it:\n" "  pip install requests\n"

The script depends on the external requests package, while the artifact set has no install spec or pinned dependency file. The dependency is common and purpose-aligned, but users may need to install it separately.

User impactIf requests is not already installed, setup may require installing a Python package from the package ecosystem.
RecommendationInstall dependencies from trusted package indexes or a controlled environment, and prefer pinned dependencies if packaging is later added.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
scripts/glm_ocr_cli.py
api_key = _get_env("ZHIPU_API_KEY") ... headers = {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}

The skill uses a provider API key as a bearer token. This is expected for the ZhiPu OCR integration and is sent to the fixed provider endpoint, but users should recognize that the key authorizes API usage.

User impactAnyone installing the skill must provide a ZhiPu API key, which can be used to make OCR API requests on that account.
RecommendationUse a dedicated or least-privileged API key if available, monitor provider usage, and avoid sharing the configured environment with untrusted skills.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
scripts/glm_ocr_cli.py
data = path.read_bytes(); b64 = base64.b64encode(data).decode("ascii") ... requests.post(api_url, json=payload, headers=headers, timeout=timeout)

For local-file OCR, the script reads the selected file, encodes it, and sends it in a JSON request to the external GLM-OCR API. This is central to the skill's purpose and is disclosed, but it may involve private document contents.

User impactImages or PDFs you ask it to OCR may leave your machine and be processed by ZhiPu's service.
RecommendationOnly submit files you are comfortable sending to that provider, especially if they contain personal, legal, medical, financial, or confidential handwriting.