Skill v1.0.1

ClawScan security

文档识别-表格识别-Pro(翔云开放平台) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 8:42 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code and runtime instructions align with its stated OCR/table-recognition purpose; it requires only the service API key/secret and reads local files to send images to netocr.com for processing.
Guidance
This skill appears to do what it says (upload images to netocr.com and return OCR/table results). Before installing: (1) confirm you trust netocr.com as images are uploaded to that third-party service; (2) prefer setting NETOCR_KEY/NETOCR_SECRET as environment variables rather than saving them in the skill's plaintext ./config.json, or keep the config file on a protected filesystem; (3) the script will read any file paths or folders you give it — avoid pointing it at directories containing sensitive files you do not want uploaded; (4) the code rewrites the returned OSS URL to use oss-cn-beijing.aliyuncs.com with a Host header to retrieve exported files (this is explained in the doc and is a workaround for the provider's returned http URL, but you may wish to verify the returned host and the downloaded content); (5) if you ever suspect the key was exposed, rotate it at the provider. Overall the package is internally consistent with its stated purpose.

Review Dimensions

Purpose & Capability
ok: Name/description (table/OCR recognition) match the included Python script and SKILL.md. The script calls netocr.com endpoints for recognition and download and only requires the OCR key/secret, which is proportionate for the declared functionality.
Instruction Scope
note: Instructions and the script read user-provided file paths or directories, convert some image formats, send image data to netocr.com, save recognition JSON and exported files locally, and can prompt the user for credentials. Those behaviors are necessary for OCR, but they do mean: (1) images (and any content in files you point at) are uploaded to netocr.com; (2) credentials may be saved in a plaintext ./config.json in the skill directory.
Install Mechanism
ok: No install spec (instruction-only + included Python script). The script depends on common libraries (requests, optional Pillow). Nothing is downloaded from unfamiliar URLs or written system-wide during install.
Credentials
note: No required environment variables; the script optionally reads NETOCR_KEY / NETOCR_SECRET and loads ./config.json or asks the user. Requiring the OCR key/secret is expected. Be aware the skill encourages saving credentials in plaintext config.json in the skill directory (persistent storage of secrets).
Persistence & Privilege
ok: The always flag is false and the skill does not request elevated system-wide privileges. It writes its own config.json and output files in the skill or user-specified directories only, and does not modify other skills or global agent settings.