ClawHub
Back to skill
v1.0.2

Online Deepseek-OCR

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:30 AM.

Analysis

This is a coherent cloud OCR skill, but it uploads selected images to SiliconFlow and uses a local API key, so users should treat image contents and the key as sensitive.

GuidanceBefore installing, decide whether you are comfortable sending OCR images to SiliconFlow, keep the API-key config file private, and install the Python dependencies in an isolated environment.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
requirements.txt
requests>=2.28.0 / Pillow>=9.0.0 / numpy>=1.21.0

The skill depends on third-party Python packages with lower-bound version constraints rather than exact pins. This is common and purpose-aligned for OCR preprocessing and HTTP requests, but it pulls current package versions at install time.

User impactInstalling dependencies executes and trusts third-party package code from the configured Python package source.
RecommendationInstall in a virtual environment and consider pinning exact dependency versions or using a lockfile for reproducible installs.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
scripts/ocr.py
self.api_key = self.config.get("apiKey", "").strip() ... "Authorization": f"Bearer {self.api_key}"

The skill reads a local API key and uses it as a bearer token for SiliconFlow requests. This is purpose-aligned, but the key grants access to the user's provider account or quota.

User impactIf config.json is exposed or the endpoint is changed unexpectedly, the API key could be misused.
RecommendationKeep config.json private, avoid committing it to repositories, and use a limited or dedicated SiliconFlow API key when possible.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
scripts/ocr.py
image_data = self.preprocessor.preprocess_to_base64(image_input) ... requests.post(f"{self.base_url}/chat/completions", headers=headers, json=payload, timeout=60)

Local image files are converted to base64 and sent to the configured cloud API endpoint. This is expected for a cloud OCR skill, but it means image contents are shared with the provider.

User impactPrivate or sensitive information inside images may be processed by SiliconFlow or whatever endpoint is configured.
RecommendationOnly OCR images you are comfortable uploading to the configured provider, and review the provider's privacy and retention terms.