ClawHub

Car Sales Invoice Ocr

Security checks across malware telemetry and agentic risk

Overview

This skill is a clear vehicle-invoice OCR wrapper that sends user-selected files to Scnet’s OCR API, which is privacy-sensitive but disclosed and purpose-aligned.

Install only if you are allowed to send the selected vehicle invoice images or PDFs to Scnet’s OCR service. Keep the API key in config/.env with restricted permissions, verify SCNET_API_BASE before use, and avoid submitting invoices containing data you are not authorized to share.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documentation indicates capabilities to read local files, invoke a Python script, and send data to an external API, but it does not declare corresponding permissions. This creates a transparency and consent problem: users may provide sensitive invoice images and local file paths without clear disclosure that the content will be transmitted off-host.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation instructs users to upload invoice images/files to a third-party OCR endpoint but does not disclose the privacy and data-transfer implications. In this skill's context, the uploaded files contain highly sensitive personal and commercial data such as buyer identity, VIN, engine number, tax IDs, bank/account details, and invoice values, so omission of a clear warning can cause unintended exfiltration of regulated data.

External Transmission

Medium
Category
Data Exfiltration
Content
SCNET_API_KEY=your_scnet_api_key_here

# API 基础地址(一般无需修改)
SCNET_API_BASE=https://api.scnet.cn/api/llm/v1
```
2. 添加:`SCNET_API_KEY=你的密钥`
3. 设置文件权限为 600(仅所有者可读写)
Confidence
91% confidence
Finding
https://api.scnet.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
| 变量名 | 默认值 | 说明 |
|--------|--------|------|
| SCNET_API_KEY | 必需 | Scnet API 密钥 |
| SCNET_API_BASE | https://api.scnet.cn/api/llm/v1 | API 基础地址(一般无需修改) |

### 输出
Confidence
90% confidence
Finding
https://api.scnet.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
# Sugon-Scnet OCR API 文档摘要

## 接口地址
`POST https://api.scnet.cn/api/llm/v1/ocr/recognize`

## 请求头
- `Content-Type: multipart/form-data`
Confidence
88% confidence
Finding
https://api.scnet.cn/

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal