ClawHub

Personal Id Ocr

v1.0.3

支持身份证正反两面全自动检测与识别,提取姓名、性别、民族、出生日期、住址、公民身份号码及签发机关等关键字段。

0· 123·0 current·0 all-time
by@scnet-sugon
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchasesRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: the Python script posts image files to https://api.scnet.cn/api/llm/v1/ocr/recognize and extracts ID fields. Required env var (SCNET_API_KEY) and optional SCNET_API_BASE are appropriate for a remote OCR API.
Instruction Scope
SKILL.md limits runtime behavior to reading a local image file and a local config/.env (or env var) and calling the Scnet OCR endpoint. It does not instruct reading unrelated system files or exfiltrating data to unknown endpoints.
Install Mechanism
No install spec; code is instruction-only with a small Python script that uses requests. No external archive downloads or unusual installers are present.
Credentials
Only SCNET_API_KEY (and optional SCNET_API_BASE) are required. That is proportionate for a third‑party OCR service. The code reads only the declared config file or environment variable.
Persistence & Privilege
Skill is not always-enabled and does not modify other skills or system-wide config. It runs on-demand and only requires normal network access to the declared API endpoint.
Assessment
This package appears internally coherent, but you should still exercise caution: 1) The skill sends images (often containing highly sensitive PII) to a third‑party OCR service — verify you trust Scnet and review their privacy policy before sending real ID images. 2) Keep SCNET_API_KEY secret (store in a file with restrictive permissions or use environment variables); never paste it into chat. 3) Confirm network traffic is going only to the expected domain (api.scnet.cn or your configured SCNET_API_BASE). 4) The repository/source is listed inconsistently in registry metadata — if provenance matters, verify the publisher and upstream source (the package includes a placeholder GitHub URL). 5) If you test, try with non-sensitive images first and be prepared to revoke the API key if anything looks wrong.

Like a lobster shell, security has layers — review code before you run it.

latestvk9733ggph8stvh6vjf4a3z8nj584wdwg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments