Payment Voucher Ocr

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward cloud OCR skill that uploads a user-specified payment-voucher file to Scnet, but users should treat the uploaded documents as sensitive financial data.

Install only if you are comfortable sending payment vouchers and their extracted contents to Scnet’s OCR API. Avoid uploading documents with unnecessary personal or financial details, confirm the destination endpoint and API key handling, and review the provider’s privacy/retention terms before using it on confidential or regulated records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation indicates it will read local files, invoke Python/scripts, and send data to an external OCR API, but it does not declare permissions for file access, network use, or shell execution. This creates a transparency and consent gap: users or orchestrators may auto-run the skill without understanding that local documents will be transmitted off-host.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger guidance says the AI may automatically invoke the skill based on broad description keywords, without clear boundaries or confirmation requirements. Because the skill reads a local file path and uploads document content to a third-party API, ambiguous activation can cause unintended exfiltration of sensitive financial images.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation instructs clients to upload potentially highly sensitive OCR source files and to use a bearer token, but it provides no warning about the privacy sensitivity of IDs, payment vouchers, signatures, or seal data. In this skill context, the omission is more dangerous because the described use case involves financial and identity-bearing documents, increasing the risk of accidental external transmission of regulated or confidential data.

External Transmission

Medium
Category
Data Exfiltration
Content
```
SCNET_API_KEY=your_scnet_api_key_here

# API base URL (usually does not need to be changed)
SCNET_API_BASE=https://api.scnet.cn/api/llm/v1
```
2. Add: `SCNET_API_KEY=你的密钥`
3. Set the file permissions to 600 (readable and writable by the owner only)
Confidence
87% confidence
Finding
https://api.scnet.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
| Variable | Default | Description |
|--------|--------|------|
| SCNET_API_KEY | Required | Scnet API key |
| SCNET_API_BASE | https://api.scnet.cn/api/llm/v1 | API base URL (usually does not need to be changed) |

### Output
Confidence
84% confidence
Finding
https://api.scnet.cn/

VirusTotal

65/65 vendors flagged this skill as clean.
