ClawHub

Ca File Processor

v1.0.3

Process financial documents for Indian CA firms. Use when any PDF, Excel (.xlsx/.xls), CSV, JPG, or PNG file is received or uploaded — including GST returns,...

0· 76·0 current·0 all-time
by@purvik6062
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and included scripts (router, pdf, image, excel, csv) align with a local CA document processing skill. Required binaries (python3, tesseract) and Python libraries match the declared functionality (OCR, PDF/excel/csv parsing).
Instruction Scope
SKILL.md and the scripts only reference local file processing, reading the provided file path and returning structured JSON. There are no instructions to read unrelated system files, environment secrets, or to send data to external endpoints.
Install Mechanism
No automated install spec is provided (instruction-only), but a requirements.txt and system dependency notes are included. This is reasonable for a local Python skill; user must manually install pip deps and system packages (tesseract, poppler). Pinning of specific package versions is normal but should be reviewed for known CVEs before deployment.
Credentials
The skill requests no environment variables or credentials. It only needs local binaries (tesseract) and reads files provided to it. There are no unexpected secret access patterns.
Persistence & Privilege
always:false and default invocation settings. The skill does not attempt to modify other skills or system-wide configs. It runs on-demand against supplied files.
Assessment
This skill appears coherent and operates locally, but take standard precautions before installing/using it: 1) Install system deps (tesseract, poppler) and pip packages in an isolated environment (virtualenv/container). 2) Review/upgrade pinned dependencies for known vulnerabilities. 3) Test on non-sensitive sample files first to confirm behavior. 4) Because it processes sensitive financial documents, run it on a trusted machine or inside a restricted environment to avoid accidental data exposure. 5) The skill returns extracted text and fields — ensure downstream handling (LLM, logs) is secure and that you do not inadvertently forward sensitive data to external services.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ccn0yyh14czyq67vyrjwk7183zarg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📂 Clawdis
Binspython3, tesseract

Comments