Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tesseract Receipt Tracker

v1.0.0

OCR-based receipt tracker for expense, travel, freelance logging using tesseract. Extracts date, vendor, amount, tax, mileage, items from receipts/invoices/i...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description claim OCR and receipt parsing using Tesseract, and the bundle includes a parsing script, which fits. There are no unrelated credential requests or config paths. However, the instructions ask to install a PyPI package named 'tesseract' (an ambiguous name) and to run system package installs with sudo, which is not strictly needed in many environments and is imprecise.
Instruction Scope
SKILL.md instructs executing shell installs (exec pip install tesseract; exec sudo apt update && sudo apt install tesseract-ocr) and running tesseract with nonstandard CLI flags. These commands require privileged/system changes and reference installing packages from package managers — they are within the stated purpose (installing OCR) but are imprecise and riskier than necessary. There is no instruction to avoid exfiltration or to sandbox these installs; the instructions also assume apt/sudo availability.
Install Mechanism
There is no formal install spec, but the runtime advises installing via 'pip install tesseract' — that name is ambiguous on PyPI and could pull an unexpected package. It also suggests running 'sudo apt install tesseract-ocr' which requires elevated privileges. Both are higher-risk than an instruction-only skill that simply calls an existing system binary.
Credentials
The skill requests no environment variables, no credentials, and no config paths. That is proportionate to its stated purpose.
Persistence & Privilege
The 'always' flag is false, and the skill does not request persistent privileges or claim to modify other skills. The only privilege-related issue is the instruction to run sudo apt commands, which requires elevated system privileges but is not persistence or cross-skill modification.
What to consider before installing
This skill appears to do what it says (OCR + parse receipts), but do NOT run its install lines as-is. 'pip install tesseract' is ambiguous and could install an unexpected PyPI package — the usual Python binding is 'pytesseract' (and it still requires system tesseract). The apt install step requires sudo and modifies the host. The included parser script has bugs (incorrect format string '0/1/2'.format(...), a mileage condition that always fails, and crude regexes), so it may produce wrong output. Before installing/use: (1) run in an isolated VM/container; (2) install system tesseract from a trusted source yourself (or via your OS package manager) rather than auto-running the skill's commands; (3) avoid blindly running 'pip install tesseract' — inspect that package on PyPI or use 'pytesseract'; (4) review and fix parse_receipt.py bugs and test on sample receipts; (5) prefer to run the code locally with controlled inputs rather than giving the agent permission to execute install commands autonomously.

