Skill v1.1.0

ClawScan security

Agent Paddleocr Vision · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 15, 2026, 4:07 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements, instructions, and included code are consistent with a PaddleOCR-based document-OCR and action-suggestion tool; nothing requests unrelated credentials or system privileges.
Guidance
This skill appears coherent for calling a PaddleOCR cloud service. Before installing: (1) only set PADDLEOCR_DOC_PARSING_API_URL and PADDLEOCR_ACCESS_TOKEN if you trust the endpoint—documents and the token will be sent there; prefer your provider's official endpoint or a self-hosted instance if handling sensitive docs; (2) inspect scripts/requirements.txt and the scripts (notably scripts/ocr_engine.py) to confirm no unexpected network calls or logging of tokens; (3) run pip installs in an isolated environment (venv/container) and ensure poppler is the official package; (4) avoid processing highly sensitive documents until you confirm the endpoint and token policies; (5) verify rate limits, data retention, and token scope with the PaddleOCR provider.

Review Dimensions

Purpose & Capability
ok
Name/description, required binaries (python), and required env vars (PADDLEOCR_DOC_PARSING_API_URL, PADDLEOCR_ACCESS_TOKEN) align with a cloud-OCR integration. Declared functionality (searchable PDF, classification, suggested actions) matches the included scripts.
Instruction Scope
ok
SKILL.md and examples limit runtime activity to calling the PaddleOCR parsing endpoint, parsing OCR results, generating searchable PDFs, and writing outputs. There are no instructions to read unrelated system files or other credentials. The agent is expected to send user documents to the configured API endpoint (as intended).
Install Mechanism
note
The registry provides no automated install spec (instruction-only), but SKILL.md tells users to pip install -r scripts/requirements.txt and install system packages (poppler). Installing Python packages pulls code from PyPI, which is routine but carries the usual supply-chain risk; inspect scripts/requirements.txt before running pip as a best practice.
Credentials
ok
Only two environment variables are required: the PaddleOCR API URL and access token (primary credential). Both are necessary for a cloud-OCR integration. No unrelated secrets, system config paths, or extra credentials are requested.
Persistence & Privilege
ok
The skill is not forced-always, does not request persistent elevated privileges, and does not modify other skills' configs. It runs as an invoked tool and writes outputs (JSON, PDFs) to disk as expected.