
Security audit

GLM-OCR-SDK

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward OCR helper that discloses its use of Zhipu cloud OCR, but users should treat documents and the API key as sensitive.

Install only if you are comfortable sending OCR inputs to Zhipu's cloud service. Avoid using it on confidential documents unless that is approved, prefer environment variables or a protected secret store over passing the key on the command line, do not commit `.env` files, and verify the `glmocr` package source before installing.

SkillSpector (by NVIDIA)

Vulnerability patterns checked:
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill explicitly routes user documents through Zhipu's cloud OCR service, but the documentation does not clearly warn that document contents leave the local environment and are sent to a third party. For an agent skill handling invoices, scans, and other potentially sensitive documents, this creates a real privacy and compliance risk because users or downstream operators may assume local-only processing.

Missing User Warnings

Severity: Medium
Confidence: 98%
Finding
The examples encourage passing the API key directly on the command line, which can expose credentials via shell history, process listings, logs, CI output, or terminal recordings. In an agent/CLI context this is especially risky because automated systems often capture full command invocations for debugging and audit trails.
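The shell helpers below are an added example, not code from the GLM-OCR-SDK skill or from this audit. They show the handling the Overview recommends and that this second finding asks for: the key is taken from the environment (where a secret store can inject it) or from a mode-600 file, never from argv; a `.gitignore` check catches a committable `.env`; and a redaction filter masks a key that an automated system has already captured in a command line. The names `GLM_API_KEY`, `GLM_API_KEY_FILE`, the `--api-key` flag and the `glmocr` invocation in the comments are assumptions standing in for the skill's real interface, which the page does not document.

```sh
#!/bin/sh
# Added example, not from the GLM-OCR-SDK skill or this audit. The variable
# names GLM_API_KEY and GLM_API_KEY_FILE, the --api-key flag and the glmocr
# command line mentioned in comments are assumptions, not the real CLI.

KEY_OK=0            # key is available in GLM_API_KEY
KEY_REFUSED_ARGV=2  # caller tried to pass the key as an argument
KEY_MISSING=3       # no env var and no usable key file
KEY_BAD_PERMS=4     # key file readable/writable by group or other

# load_api_key: export GLM_API_KEY from the environment or from a private file.
# Any positional argument is refused: argv is visible in `ps`, shell history,
# CI job output and terminal recordings, which is what the finding warns about.
# Intended use (glmocr invocation assumed):  load_api_key && glmocr invoice.pdf
load_api_key() {
  if [ "$#" -gt 0 ]; then
    echo "load_api_key: refusing to take the key on the command line" >&2
    return "$KEY_REFUSED_ARGV"
  fi
  if [ -n "${GLM_API_KEY:-}" ]; then
    return "$KEY_OK"   # already present, e.g. injected by a secret store
  fi
  keyfile="${GLM_API_KEY_FILE:-$HOME/.config/glm/api_key}"
  if [ ! -f "$keyfile" ]; then
    echo "load_api_key: set GLM_API_KEY or create $keyfile (mode 600)" >&2
    return "$KEY_MISSING"
  fi
  # Reject the file if any group/other read or write bit is set (want 0600/0400).
  if [ -n "$(find "$keyfile" \( -perm -g+r -o -perm -g+w -o -perm -o+r -o -perm -o+w \) -print)" ]; then
    echo "load_api_key: $keyfile is readable by group/other; run: chmod 600 $keyfile" >&2
    return "$KEY_BAD_PERMS"
  fi
  GLM_API_KEY=$(head -n 1 "$keyfile" | tr -d '\r\n')
  if [ -z "$GLM_API_KEY" ]; then
    echo "load_api_key: $keyfile is empty" >&2
    return "$KEY_MISSING"
  fi
  export GLM_API_KEY  # child processes see it in their environment, not in argv
  return "$KEY_OK"
}

# env_file_ignored DIR: succeed if DIR/.gitignore has a whole-line rule covering
# .env files, so a local .env holding the key cannot be committed by accident.
env_file_ignored() {
  gi="$1/.gitignore"
  [ -f "$gi" ] || return 1
  # Accepts .env, /.env, .env.local, .env* and similar exact-line rules.
  grep -qxE '/?\.env(\.[A-Za-z0-9_.-]+|\*)?' "$gi"
}

# redact_key_flag CMDLINE: mask a key given as --api-key=VALUE or --api-key VALUE
# before a captured command line is written to a log or audit trail. This is
# damage control for systems that already record argv; it does not make argv safe.
redact_key_flag() {
  printf '%s\n' "$1" | sed -E 's/(--api[-_]?key)([= ])[^ ]+/\1\2***/g'
}
```

The permission check uses `find -perm` rather than parsing `ls` output so it behaves the same on GNU and BSD userlands. Loading the key into the environment is still only a partial mitigation: other processes of the same user can read a process's environment, so a secret store that injects the key at run time and a short-lived key remain preferable to a long-lived file.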

VirusTotal

66/66 vendors reported this skill as clean (0 detections). A clean antivirus result says nothing about the two findings above, which concern data handling and credential exposure rather than malware.

Static analysis

No suspicious patterns detected.