ClawHub

DeepRead Form Fill

v1.1.0

AI-powered PDF form filling. Upload any PDF form and your data as JSON — AI detects fields visually, maps your data semantically, fills the form with quality...

1· 410·0 current·0 all-time
byDeepRead.tech@uday390
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the requested environment variable and included code. The package and SKILL.md only describe interactions with api.deepread.tech and require DEEPREAD_API_KEY — exactly what a hosted form-fill service would need.
Instruction Scope
SKILL.md and the provided scripts only instruct uploading a PDF and JSON fields, polling the job endpoint, and optionally setting a webhook_url. They do not instruct reading unrelated files, secrets, or system state. The webhook option legitimately posts results to a user-supplied URL (documented).
Install Mechanism
No install spec; this is instruction-plus-reference-implementations only. No downloads or archive extraction. Low installation risk.
Credentials
Only DEEPREAD_API_KEY is required and is clearly the primary credential for the described API calls. No unrelated credentials, config paths, or excessive env variables are requested.
Persistence & Privilege
always is false and disable-model-invocation is true (the skill will not be autonomously invoked by the model). The skill does not request persistent system privileges or modify other skills' configs.
Assessment
This package appears internally consistent and implements a simple client for DeepRead's form-fill API. Before using it, consider: (1) Trust and privacy — uploaded PDFs may contain sensitive PII, so verify DeepRead's privacy, retention, and encryption policies; (2) API key handling — treat DEEPREAD_API_KEY like any secret (use least-privilege / rotate keys and avoid embedding keys in shared environments); (3) Webhook caution — if you provide a webhook_url, results (including filled PDFs and reports) will be POSTed to that URL, so ensure the endpoint is HTTPS and validates requests to avoid accidental data exposure; (4) Verify provider — the package points to deepread.tech and a GitHub repo URL; if you need stronger assurance, inspect the upstream repository and privacy docs or test with non-sensitive sample forms first. The included scripts contact only api.deepread.tech and do not access other system secrets.

Like a lobster shell, security has layers — review code before you run it.

latestvk9708j039sf4nt0hj39j1j4yjh83ycps

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvDEEPREAD_API_KEY
Primary envDEEPREAD_API_KEY

Comments