Seal Ocr

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward seal OCR connector that uploads a user-selected file to SCNet for recognition. It warrants privacy caution, but no hidden or destructive behavior was found.

Install only if you are comfortable sending selected images, PDFs, or archives to SCNet using your API key. Avoid using it on identity documents, contracts, invoices, or confidential seals unless you have permission and have reviewed SCNet's data handling terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill documentation declares capabilities that imply local file access, network access, and shell execution, but it does not declare corresponding permissions or constraints. This creates a transparency and governance gap: a caller may invoke the skill without understanding that local files will be read and transmitted to an external OCR service via executable code.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The document says the AI may automatically trigger the skill based on description keywords, but it does not define clear invocation boundaries, consent requirements, or data-sensitivity checks. In context, the skill accepts a local file path and sends image content to an external OCR API, so ambiguous auto-triggering increases the risk of unintended transmission of sensitive documents.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation describes sending user-supplied image files and a bearer token to a third-party OCR endpoint, but it provides no warning about external data transmission, privacy implications, or handling of potentially sensitive document contents. Because this skill processes seals and may be used on contracts, IDs, or other regulated documents, users could unknowingly transmit confidential data off-platform.

External Transmission

Medium
Category
Data Exfiltration
Content
```
SCNET_API_KEY=your_scnet_api_key_here

# API base URL (usually no need to change)
SCNET_API_BASE=https://api.scnet.cn/api/llm/v1
```
2. Add: `SCNET_API_KEY=你的密钥`
3. Set the file permissions to 600 (owner read/write only)
Confidence
93% confidence
Finding
https://api.scnet.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
| Variable | Default | Description |
|----------|---------|-------------|
| SCNET_API_KEY | Required | Scnet API key |
| SCNET_API_BASE | https://api.scnet.cn/api/llm/v1 | API base URL (usually no need to change) |

### Output
Confidence
90% confidence
Finding
https://api.scnet.cn/

VirusTotal

65/65 vendors flagged this skill as clean.
