openocr-skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OCR skill, but its examples can publish an OCR demo over the network without clear warnings about exposing sensitive documents.

Install only if you are comfortable running local OCR code on your documents. Avoid `--share`, `share=True`, and `0.0.0.0` unless you intentionally want a remote OCR demo and have network controls in place; treat generated outputs as sensitive if the source files are sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The skill explicitly documents launching Gradio demos with `--share`, which creates externally reachable endpoints unrelated to the core local OCR/document-parsing function. If users process sensitive images or PDFs through these shared demos, document contents may be exposed over the network or to unintended parties without adequate warning.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The example code launches a demo with `share=True` and, for one case, `server_name='0.0.0.0'`, which exposes the application on all interfaces and potentially to the public internet. In the context of OCR on potentially confidential documents, this broadens the attack surface and risks leakage of uploaded file contents or unauthorized access to the demo service.

Missing User Warnings

Medium
Confidence: 91%
Finding
The CLI examples encourage running Gradio apps with sharing enabled but do not warn that uploaded documents and OCR results may traverse or be exposed through a network-accessible service. Because this skill handles potentially sensitive scanned documents, the lack of disclosure increases the chance of inadvertent data exposure.

VirusTotal

65/65 vendors flagged this skill as clean.
