Skill v1.0.0
ClawScan security
Ocr Local 1.0.0 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 13, 2026, 3:41 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill does what it claims (local OCR via Tesseract.js); its requirements and code are consistent with that purpose and it does not request credentials or other unnecessary access.
- Guidance
- This skill appears coherent and does what it claims: it runs Tesseract.js locally on a provided image. Before installing, be aware that (1) npm install will download tesseract.js and its dependencies from the public registry and may run package lifecycle scripts (opencollective-postinstall is present in deps) — run npm install in a controlled environment or inspect dependencies if you are cautious; (2) Tesseract language data will be downloaded on first run (~20MB/language) so the process needs network access unless you pre-provision the traineddata files; (3) there is no credential or secret access requested. If you want maximum safety, audit the tesseract.js package and its postinstall behavior, or vendor the dependency and the language files yourself and run the script offline. Additionally, note a minor metadata inconsistency (ownerId differs between registry metadata and _meta.json) — likely benign but worth noticing.
Review Dimensions
- Purpose & Capability
- ok · Name/description (local OCR with Tesseract.js) match the code, package.json dependency, and SKILL.md. The single script calls Tesseract.recognize on a local file and outputs text/JSON; requiring node and tesseract.js is expected.
- Instruction Scope
- ok · SKILL.md instructs running the included Node script with expected CLI flags. The runtime instructions do not ask the agent to read unrelated files, access secrets, modify system settings, or call external endpoints beyond the expected language-data download noted in the docs.
- Install Mechanism
- note · No custom install spec in the registry, but SKILL.md and package.json expect npm install (tesseract.js). Installing via npm will fetch packages from the public registry and run any package lifecycle scripts (tesseract.js and its deps include an install script/opencollective-postinstall). This is normal for Node packages but means code from the npm registry will be written to disk and run during install.
- Credentials
- ok · No environment variables, credentials, or config paths are required. The skill does not request unrelated secrets or broad system access.
- Persistence & Privilege
- ok · always is false; the skill is user-invocable and does not request permanent or system-wide privileges. It does not modify other skills or agent-wide configuration.
