Back to skill

Security audit

Expense Invoice Ocr

Security checks across malware telemetry and agentic risk

Overview

This skill performs the OCR function it claims, but users should understand that selected invoice or receipt files are sent to Scnet's external OCR API.

Install only if you are comfortable sending the selected invoice, receipt, tax, travel, or medical billing document to Scnet's OCR service. Do not paste API keys into chat; store the key in a protected config file, and avoid uploading documents containing data you are not authorized to share with that provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The auto-trigger guidance is broad enough that ordinary user requests about invoices could invoke the skill without a clear confirmation step. Because the skill uploads local files to a third-party OCR API, ambiguous activation can cause unintended external disclosure of sensitive financial documents.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill asks users to provide a local file path for invoice images but does not clearly warn, up front, that those files will be uploaded to an external Scnet API. Since invoices and travel receipts often contain personal, financial, and tax data, omission of this warning can lead to unintentional exposure of sensitive information to a third party.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation instructs users to upload invoice and receipt files to a third-party OCR endpoint and include an API key, but it provides no warning that sensitive financial documents and personal data will be transmitted off-platform. In this skill context, the files may contain tax IDs, bank details, travel records, medical billing data, and other regulated or confidential information, so omission of privacy and data-handling disclosure materially increases risk.

External Transmission

Medium
Category
Data Exfiltration
Content
# Sugon-Scnet OCR API 文档摘要

## 接口地址
`POST https://api.scnet.cn/api/llm/v1/ocr/recognize`

## 请求头
- `Content-Type: multipart/form-data`
Confidence
90% confidence
Finding
https://api.scnet.cn/

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.