Skill v1.10.3

ClawScan security

laiye-doc-processing · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 8:49 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions, files, and requirements are coherent with a CLI that uploads documents to Laiye's ADP service and does not request unrelated credentials, but it relies on remote installs and will send user documents to an external cloud service — review install scripts and privacy before use.
Guidance
This skill appears to be a legitimate CLI wrapper for Laiye's ADP service and is internally consistent. Before installing or running it: 1) Verify the publisher/source (the package and scripts reference GitHub and Laiye domains) and inspect the npm package and the raw install script instead of blindly piping to a shell. 2) Understand that documents you process will be uploaded to Laiye's cloud (adp.laiye.com/adp-global.laiye.com) and consumption uses billable credits — review privacy/terms and limit sensitive documents if you need on-premises guarantees. 3) Prefer installing in a sandbox or container, and avoid running global npm installs or remote scripts on critical hosts until you review their contents. 4) Limit the API Key scope if possible, rotate keys after testing, and be mindful that the CLI caches app IDs and writes output files to local directories — remove or secure those files if they contain sensitive data.

Review Dimensions

Purpose & Capability
ok: Name/description (document parsing & extraction) match the SKILL.md and reference docs: commands, app IDs, API Key workflows, batch/local/URL processing, and response schemas are all consistent with a CLI that talks to a cloud ADP service.
Instruction Scope
note: Instructions tell an agent to install and invoke a CLI, read/write local folders (batch mode), read CLI stdout/stderr and output_dir files, cache APP_IDs, and prompt user for an API Key. These actions are in-scope for a document-processing CLI but do entail reading local files and uploading document content to Laiye's cloud endpoints (adp.laiye.com / adp-global.laiye.com) — expected for this product but privacy-sensitive.
Install Mechanism
concern: Install methods include npm package install and executing remote install scripts via curl | bash or PowerShell that download from raw.githubusercontent.com. GitHub raw and npm registry are common publication vectors, but piping remote scripts to a shell and global npm installs carry moderate risk (postinstall hooks, arbitrary script execution). Recommend inspecting the install script and package before running in production.
Credentials
note: The skill requests no built-in env vars, but runtime requires an ADP API Key (user-provided) and optionally allows storing APP_IDs in env/config. That credential is proportional to its cloud-based purpose. Be aware that documents processed are sent to the service and usage consumes billable credits; no unexplained or unrelated credentials are requested.
Persistence & Privilege
note: Skill is not always-enabled and allows model invocation (normal). The CLI persists an application list cache (docs state cache is 'permanent and does not expire') and writes results to local output directories (absolute paths). These are reasonable for a CLI but mean identifiers and outputs may persist on disk — consider cleanup and scope the CLI's access.