Skill v1.10.3

ClawScan security

Laiye-OCR · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 24, 2026, 10:44 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, files, and installation guidance are coherent with a CLI-based document-parsing/extraction tool and do not request unrelated credentials or suspicious endpoints, though it will install and run a third‑party CLI and will read/write local files.
Guidance
This skill appears to be an instruction-only wrapper for Laiye's ADP CLI and is internally consistent. Before installing or running it: (1) Prefer installing via npm from the package registry and verify package metadata rather than blindly piping a curl|bash script from GitHub raw; (2) Be aware the CLI will read local files (for batch processing) and write results to an output directory and may persist a cached app-id/config; (3) You will need to supply an ADP API Key (the skill prompts for it) — only provide that key if you trust Laiye's service and the network endpoints (adp.laiye.com / adp-global.laiye.com); (4) If you operate in a sensitive environment, review the install script content and consider running the CLI in a sandboxed environment or approving each local-file access explicitly.

Review Dimensions

Purpose & Capability
ok: The name/description promise OCR/structured extraction and the SKILL.md + references describe a CLI (adp) that performs those exact tasks (parse/extract, batch/local/url/base64). Required capabilities (access to local files, ability to call the ADP service) match the stated purpose. There are no unrelated credentials or unrelated third‑party services requested.
Instruction Scope
note: Instructions explicitly tell the agent to install the adp CLI, run commands, prompt the user for an API key, call adp parse/extract on local files or URLs, and read exported result files from output_dir. Those actions are within scope for a document-processing CLI, but the agent will need filesystem read/write access and will persist cached app IDs/configuration. The SKILL.md also instructs resolving the absolute CLI path (npm prefix -g) which requires running shell commands — expected, but grants the agent local command execution and file access.
Install Mechanism
note: No install spec in the registry (instruction-only). The documents recommend npm (official registry or npmmirror) or running a shell/PowerShell install script fetched from raw.githubusercontent.com. npm is standard; curl | bash of a GitHub raw script is convenient but higher risk than a vetted package manager because it executes remote script content. These are expected for a CLI but users should prefer the npm package or review the install script before piping to shell.
Credentials
ok: The skill declares no required environment variables or credentials in the registry metadata. The runtime instructions, however, require an ADP API Key (via adp config set or --api-key flags) to call the service — this is proportional and expected for a cloud OCR service. There are no unrelated secret requests. The docs suggest optional caching (APP_ID in env/config) which is reasonable but persistent.
Persistence & Privilege
note: always is false (normal). The CLI writes outputs to an output_dir and the documentation states an application cache is permanent (app-id cache) and suggests storing APP_IDs in env/config files — so the skill will create persistent files/config entries on disk. It does not request or modify other skills or system-wide agent settings per the provided files.