v1.0.3

GLM-OCR-Table

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:35 AM.

Analysis

The skill is coherent for table OCR using the ZhiPu GLM-OCR API, but users should notice that local documents may be uploaded to an external service using their API key.

Guidance: This skill appears purpose-aligned for extracting tables through ZhiPu GLM-OCR. Before installing, make sure you are comfortable providing a ZHIPU_API_KEY and sending the selected images or PDFs to ZhiPu’s API, especially if they contain private financial, invoice, or business data.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low; Confidence: High; Status: Note
SKILL.md
ONLY use GLM-OCR API ... NEVER parse tables yourself ... NEVER offer alternatives ... NO fallback methods

The skill gives forceful instructions that constrain the agent to this API-based workflow and discourage alternatives.

User impact: If you prefer an offline method or a different OCR provider, the skill instructions may push the agent toward ZhiPu GLM-OCR instead.
Recommendation: Use this skill only when you intentionally want ZhiPu GLM-OCR processing; otherwise ask the agent not to use this skill.

Agentic Supply Chain Vulnerabilities
Severity: Info; Confidence: Medium; Status: Note
scripts/glm_ocr_cli.py
pip install requests\nOr install all dependencies: pip install -r requirements.txt

The script depends on an external Python package and suggests manual pip installation if it is missing.

User impact: Installing Python packages from the public package ecosystem can introduce normal dependency supply-chain risk.
Recommendation: Install dependencies in a trusted virtual environment and prefer pinned, reviewed dependencies when available.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low; Confidence: High; Status: Note
scripts/glm_ocr_cli.py
api_key = _get_env("ZHIPU_API_KEY") ... headers = {"Authorization": f"Bearer {api_key}"

The script reads a ZhiPu API key from the environment and uses it as a bearer credential for API calls.

User impact: Your API key may grant account access or incur usage charges for OCR requests.
Recommendation: Use a dedicated, least-privilege API key where possible and avoid sharing command outputs or logs that might expose credentials.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium; Confidence: High; Status: Note
scripts/glm_ocr_cli.py
data = path.read_bytes() ... return f"data:{mime};base64,{b64}" ... requests.post(api_url, json=payload, headers=headers, timeout=timeout)

For local files, the script reads the file, base64-encodes it, and sends it in a JSON request to the OCR API.

User impact: Images or PDFs you process, including financial statements or invoices, may be transmitted to the ZhiPu service for OCR.
Recommendation: Do not use this skill on documents you are not allowed to send to ZhiPu; review the provider’s data handling terms for sensitive files.