Enterprise Qualification Ocr

Security checks across malware telemetry and agentic risk

Overview

This OCR skill appears purpose-built for document extraction, but it may upload sensitive local certificates or business-license images to a third-party API without enough user-facing consent and scoping.

Install only if you are comfortable sending the target documents to Scnet for OCR. Before use, confirm each file upload explicitly, avoid processing IDs, licenses, or certificates unless the service is approved for that data, and keep the SCNET_API_KEY stored with restricted permissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation indicates capabilities to read local files, invoke Python from the shell, and send data over the network, but it does not declare corresponding permissions or boundaries. This creates a transparency and consent gap: users may provide sensitive document paths for OCR without realizing the files will be transmitted to a third-party API.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The auto-trigger guidance is broad and can cause the skill to activate on loosely related requests involving image text extraction. In this context, auto-triggering is risky because the skill reads a user-supplied local file path and sends document contents to an external OCR service, potentially without sufficiently explicit user intent or data-transfer awareness.

External Transmission

Medium
Category
Data Exfiltration
Content
SCNET_API_KEY=your_scnet_api_key_here

# API base URL (usually no need to change)
SCNET_API_BASE=https://api.scnet.cn/api/llm/v1
```
2. Add: `SCNET_API_KEY=你的密钥`
3. Set the file permissions to 600 (readable and writable by the owner only)
Confidence
94% confidence
Finding
https://api.scnet.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
| Variable | Default | Description |
|--------|--------|------|
| SCNET_API_KEY | Required | Scnet API key |
| SCNET_API_BASE | https://api.scnet.cn/api/llm/v1 | API base URL (usually no need to change) |

### Output
Confidence
94% confidence
Finding
https://api.scnet.cn/

VirusTotal

67/67 vendors flagged this skill as clean.
