Greek Document Ocr

Review

Audited by ClawScan on May 10, 2026.

Overview

The core OCR workflow is local and purpose-aligned, but the skill also introduces optional Xero/accounting export capabilities that conflict with its “no cloud APIs/no credentials” framing and are not clearly scoped.

Use this as a local OCR helper only if you are comfortable installing Tesseract and storing outputs under OPENCLAW_DATA_DIR. Treat any QuickBooks, Xero, or banking integration as a separate high-impact action: do not provide a Xero API key or export financial data unless you explicitly intend to send those OCR results to that accounting system and understand the account permissions involved.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If enabled, an agent could use a Xero API key to send sensitive invoice or receipt OCR results into an accounting account without clearly documented limits.

Why it was flagged

The skill introduces a third-party accounting API credential and direct result-push capability, but the surrounding metadata and setup frame the skill as local OCR with no credentials. The artifacts do not specify Xero scopes, approval requirements, or what records may be created or modified.

Skill content

"optional_env": {"QUICKBOOKS_IMPORT_DIR": "Directory for QuickBooks-compatible OCR export files", "XERO_API_KEY": "Xero API key for direct OCR result push"}

Recommendation

Declare the Xero credential in registry metadata, document the exact scopes and actions, default to local-only export, and require explicit user confirmation before any direct Xero push.

What this means

Sensitive OCR outputs from invoices, receipts, or government forms could leave the local machine if the Xero integration is used.

Why it was flagged

The skill processes sensitive financial and government documents, but also describes an external provider push while advertising local/no-cloud behavior. The data boundary for sending OCR results to Xero is not clearly explained.

Skill content

description: Greek-language OCR using Tesseract. Processes scanned invoices, receipts, and government documents. Local processing, no cloud APIs. ... "XERO_API_KEY": "Xero API key for direct OCR result push"

Recommendation

Clearly separate local OCR from optional cloud/accounting-provider export, label the Xero path as external transmission, and ask the user to choose specific files and destinations before upload.

What this means

Installing packages with sudo affects the system and should only be done from trusted package repositories.

Why it was flagged

The setup instructions ask the user to install system packages. This is expected for a local Tesseract OCR skill and is user-directed, but it still changes the local environment.

Skill content

sudo apt install tesseract-ocr tesseract-ocr-ell
which jq || sudo apt install jq

Recommendation

Verify the packages and repository source before running the setup commands.