ClawHub

RapidOCR

v1.0.0

The latest official RapidOCR command-line version, supporting Chinese-English mixed OCR text recognition for local images (JPG/PNG/WEBP). No complex configur...

1· 20·0 current·0 all-time
by@rapidai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (local OCR for images) match the required actions: invoking a local CLI (rapidocr), reading image files, and optionally writing visualization output. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to run the rapidocr CLI against provided image paths/URLs and to read/write image files (save visualizations). These actions are within the scope of an OCR tool. The one noteworthy capability is allowance of URL image inputs (the CLI may fetch remote images), but the skill does not instruct collection of unrelated files or environment secrets.
Install Mechanism
This is an instruction-only skill (no install spec executed by the platform), but it tells users to run 'pip install rapidocr onnxruntime'. Installing a third-party PyPI package can execute arbitrary code during install; this is expected for Python CLI tools but carries normal supply-chain risk. No direct downloads from arbitrary URLs or extract operations are present in the skill files.
Credentials
The skill requests no environment variables, credentials, or config paths. File read/write and exec permissions are declared and justified for reading images and saving visualization outputs.
Persistence & Privilege
always: false and the skill is user-invocable. It does not request persistent platform privileges or attempt to modify other skills or system-wide agent settings.
Assessment
This skill appears coherent for running a local OCR CLI, but exercise the usual caution before installing third-party Python packages. Verify the rapidocr package source (PyPI/project homepage), install in a virtualenv, and prefer examining the package/project repo and release notes before installing system-wide. If you don't want the tool to fetch remote images, avoid passing image URLs and only supply local files. If you need stronger guarantees, run installation and execution in an isolated environment (container/VM) and review the package code or checksum on its official repository first.

Like a lobster shell, security has layers — review code before you run it.

latestvk9764eb1gdtywgzhcn3fre88e184fvd9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments