Skillv1.0.4

ClawScan security

ID Card Recognition OCR - 身份证识别 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 3, 2026, 10:00 AM

Verdict: Benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill is coherent with its stated purpose (calling JisuAPI to OCR ID photos) and requests only the expected JISU_API_KEY, but it transmits sensitive PII to a third-party API and the package has a minor mismatch in declared dependencies and documentation paths that you should review before installing.
Guidance: This skill does what it says: it sends an image (or base64) and a typeid to JisuAPI to extract ID fields. Before installing: (1) Confirm you're comfortable that images and extracted PII will be transmitted to a third-party service (JisuAPI) and check their privacy/retention policy. (2) Provide only a dedicated API key with appropriate limits; avoid sharing a broadly-scoped secret. (3) Ensure the runtime has the Python 'requests' package available (the metadata lists only python3). (4) Note minor docs mismatches (documented script path and a /type endpoint suggestion are not implemented in the script) — confirm expected behavior in your environment. (5) Run the skill in an isolated environment or sandbox if you need to limit exposure, and avoid passing system-wide or unrelated files as inputs.

Purpose & Capability: okName/description match the implemented behavior: the Python script encodes an image (from local path or base64) and POSTs it to JisuAPI's ID card recognition endpoint using an AppKey. The single required env var (JISU_API_KEY) is appropriate for this purpose.
Instruction Scope: noteSKILL.md and the script instruct the agent to read a local image (restricted to the current working directory and subdirs) or accept base64 and then send it to the JisuAPI endpoint. This is within the skill's purpose, but it inherently sends highly sensitive PII (names, ID numbers, addresses, photos) off-host to a third-party service — a privacy/exfiltration risk that users must accept.
Install Mechanism: noteThere is no install spec (instruction-only) and no external downloads, which is lower risk. The included script imports the third-party 'requests' library but the metadata only lists 'python3' — the environment may need the 'requests' package installed. No obscure download URLs or extract operations are present.
Credentials: noteOnly JISU_API_KEY is required, which is proportionate to calling the JisuAPI service. However, giving that key allows the skill to send user images and PII to the external provider; treat the API key as sensitive and consider rate/usage and privacy implications.
Persistence & Privilege: okThe skill does not request permanent/always-on privileges, does not modify other skills or system settings, and is user-invocable only.