ClawHub

DeepRead Legal Documents

v1.0.0

Extract structured data from contracts, legal agreements, court filings, and compliance documents. Pre-built schemas for parties, clauses, dates, obligations...

0· 44·0 current·0 all-time
byDeepRead.tech@uday390
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (extract structured data from legal documents) align with the runtime instructions and required credential: the SKILL.md shows the agent POSTing documents to https://api.deepread.tech and using a DEEPREAD_API_KEY. The homepage matches the expected service. Note: the skill source is listed as unknown in registry metadata – verify the vendor if provenance matters to you.
Instruction Scope
Instructions are narrowly scoped: upload documents to the DeepRead API, poll for results, and return structured JSON. The SKILL.md does not instruct the agent to read unrelated system files, other env vars, or to exfiltrate data to unexpected endpoints. It does instruct the agent to send full documents to a third-party API (necessary for the function) so users should consider data privacy implications.
Install Mechanism
No install spec and no code files (instruction-only). This is lowest-risk from an installation perspective — nothing is written to disk or downloaded by the skill itself.
Credentials
Only a single credential (DEEPREAD_API_KEY) is required and declared as the primaryEnv. That is proportional for a hosted API service. No unrelated secrets or config paths are requested.
Persistence & Privilege
always:false and no install mean the skill does not request permanent/system-wide presence. disable-model-invocation is false (normal), but this is not combined with broad credentials or other red flags.
Assessment
This skill appears coherent for a cloud document-extraction provider, but you are sending potentially sensitive legal documents to a third party. Before installing or using it: (1) verify vendor identity and review DeepRead's privacy/security docs and data-processing agreement; confirm retention, deletion, and access controls; (2) test with non-sensitive documents first; (3) use a dedicated API key or service-account key with limited scope and rotate it regularly; (4) confirm that the workflow's PII-redaction claims meet your legal/privilege requirements and that 'hil_flag' items are routed for manual review; (5) if organizational policy restricts external uploads of certain documents, do not use the skill for those files; (6) consider disabling autonomous invocation for this skill if you want to ensure human approval before any document is uploaded. If you need higher assurance, request vendor transparency (SOC/ISO reports, DPA) or use an on-premises tool instead.

Like a lobster shell, security has layers — review code before you run it.

latestvk97eqvgwbvrkz5r6cq02tzsgn5844h4x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvDEEPREAD_API_KEY
Primary envDEEPREAD_API_KEY

Comments