ClawHub

DeepRead Invoice Processing

v1.0.0

Extract structured data from invoices, receipts, and bills using DeepRead. Pre-built schemas for vendor, line items, totals, tax, due dates. 97%+ accuracy wi...

0· 44·0 current·0 all-time
byDeepRead.tech@uday390
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and runtime instructions all describe sending invoice PDFs/images to DeepRead's API and returning structured JSON. The only required secret is DEEPREAD_API_KEY, which is the expected credential for a hosted OCR/ML service.
Instruction Scope
SKILL.md instructs the agent to POST files to https://api.deepread.tech and poll job status — this is consistent with the purpose. Minor note: example Python code embeds API_KEY in a variable rather than demonstrating reading DEEPREAD_API_KEY from the environment (the setup section does show exporting DEEPREAD_API_KEY). There are no instructions to read unrelated system files, collect extra credentials, or send data to other endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files. Lowest-risk install footprint (nothing written to disk by the skill itself).
Credentials
Only one environment variable is required (DEEPREAD_API_KEY) and it aligns with the service being used. No unrelated secrets, config paths, or additional credentials are requested.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent system privileges. Autonomous invocation is allowed by default (normal) but not combined with any other high-risk behaviors.
Assessment
This skill appears coherent and limited to sending invoice files to DeepRead and returning parsed JSON. Before installing, consider: (1) You will be sending invoice images/PDFs (potentially sensitive financial data) to an external service — review DeepRead's privacy, retention, and encryption policies. (2) Keep DEEPREAD_API_KEY secret and rotate it if compromised; in real code read the key from the DEEPREAD_API_KEY environment variable rather than hardcoding. (3) Test with redacted or non-production documents first to confirm results and HIL (human-in-the-loop) flags behave as you expect. (4) If you have strict data residency or compliance requirements, verify DeepRead meets them. Otherwise, there are no other obvious red flags.

Like a lobster shell, security has layers — review code before you run it.

latestvk978cyfwa6m0ednye7g6zqf0kd840zrs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvDEEPREAD_API_KEY
Primary envDEEPREAD_API_KEY

Comments