Telegraph Transfer Ocr

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward cloud OCR wrapper for bank transfer vouchers, but users should understand that selected documents are uploaded to Scnet for processing.

Install only if you are comfortable sending the selected transfer voucher files to Scnet's OCR service. Avoid using it for regulated, confidential, or customer financial documents unless you have approval and understand the provider's privacy, retention, and deletion terms. Keep SCNET_API_KEY in the local config file or environment, not in chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill clearly requires local file access, outbound network access to a third-party OCR API, and shell execution via a Python script, but these capabilities are not explicitly declared as permissions. This creates a transparency and consent gap: a user may invoke the skill without understanding that local documents will be read and transmitted externally.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The document instructs clients to upload images/PDFs/archives containing potentially highly sensitive financial and identity data to an external OCR provider, but it provides no privacy notice, data-handling constraints, retention details, or user-consent guidance. In the context of telegraph transfer voucher OCR, the transmitted content can include names, bank account numbers, amounts, dates, ID data, and stamps, making undisclosed third-party transmission materially risky.

External Transmission

Medium
Category
Data Exfiltration
Content
```
SCNET_API_KEY=your_scnet_api_key_here

# API base URL (usually no need to change)
SCNET_API_BASE=https://api.scnet.cn/api/llm/v1
```
2. Add: `SCNET_API_KEY=your_key`
3. Set the file permissions to 600 (readable and writable by the owner only)
Confidence
93% confidence
Finding
https://api.scnet.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
| Variable | Default | Description |
|----------|---------|-------------|
| SCNET_API_KEY | Required | Scnet API key |
| SCNET_API_BASE | https://api.scnet.cn/api/llm/v1 | API base URL (usually no need to change) |

### Output
Confidence
91% confidence
Finding
https://api.scnet.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
# Sugon-Scnet OCR API Documentation Summary

## Endpoint
`POST https://api.scnet.cn/api/llm/v1/ocr/recognize`

## Request headers
- `Content-Type: multipart/form-data`
Confidence
91% confidence
Finding
https://api.scnet.cn/

VirusTotal

65/65 vendors flagged this skill as clean.
