Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ifly-ocr-invoice
v1.0.0
Recognize and extract structured data from invoices, receipts, and bills using iFlytek OCR API (科大讯飞票据识别). Supports VAT invoices, taxi receipts, train ticket...
by Iflytek AIcloud (@qingzhe2020)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (high confidence)
Purpose & Capability
The name/description match the included code: scripts/invoice.py calls iFlytek (xf-yun) invoice OCR and requires XFYUN_APP_ID / XFYUN_API_KEY / XFYUN_API_SECRET. However the registry metadata claims no required environment variables or primary credential — that is inconsistent with the code and SKILL.md.
Instruction Scope
SKILL.md and the script only perform OCR against the declared API endpoint, but the documentation includes a suggested debug command that echoes the three credential environment variables to stdout (echo "XFYUN_APP_ID: $XFYUN_APP_ID | ..."). Printing secret values to shell output can leak credentials into logs or agent transcripts. Also .claude/settings.local.json allows WebFetch to console.xfyun.cn, but the runtime API URL used by the script is api.xf-yun.com — a mismatch that could prevent the skill from working as-is or indicate sloppy packaging.
Install Mechanism
Instruction-only with a single Python script and no install spec. No downloads or external installers; lowest install risk.
Credentials
The three requested environment variables (App ID, API Key, API Secret) are reasonable and required for the iFlytek API. The concern is that the registry metadata omitted these requirements, and the SKILL.md suggests commands that display those secrets. Additionally, build_auth_url places an encoded authorization (which contains the api_key) in the query string — that can expose identifying/auth data in logs or URL traces if not handled carefully.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system settings. Default autonomous invocation is allowed (platform default) but not combined with any additional elevated privileges here.
What to consider before installing
This skill implements iFlytek invoice OCR and the code matches that purpose, but there are a few red flags you should consider before installing:
- The registry metadata incorrectly lists no required environment variables, yet both SKILL.md and the script require XFYUN_APP_ID, XFYUN_API_KEY, and XFYUN_API_SECRET. Treat the SKILL.md as authoritative and provide those credentials only if you trust the skill/source.
- Avoid running the SKILL.md's debug echo command that prints the full values of your credentials — doing so can leak secrets into terminal history, CI logs, or agent transcripts. Instead, verify env vars exist without printing their values (for example, test presence by checking non-empty length in a safe script).
- The script constructs an authorization parameter (base64 including api_key) and appends it to the URL query; this can appear in logs and URL traces. Prefer running it in an environment where network traffic and logs are not publicly exposed.
- .claude/settings.local.json grants WebFetch to console.xfyun.cn but the API endpoint used is api.xf-yun.com — confirm that network permissions will allow requests to api.xf-yun.com or update allowed domains as needed.
- If you proceed, run the script in an isolated environment, keep credentials in a secure secrets store (not plain shell history), and review the script source yourself. If you cannot verify the publisher or prefer not to expose API credentials, do not install or run this skill.
