
Security audit

Upstage Ocr

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a straightforward Upstage OCR helper, but users should understand that documents are uploaded to Upstage for processing.

Install only if you are comfortable sending chosen files to Upstage's external OCR service. Avoid using it for highly sensitive IDs, legal, medical, financial, or confidential business documents unless you have reviewed and accepted Upstage's data handling terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (8)

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding: The skill repeatedly instructs sending user-provided documents to a third-party OCR service but never includes an explicit user-facing warning that document contents leave the local environment. This is dangerous because users may submit sensitive scans (IDs, invoices, medical or legal records) without informed consent about external transmission and retention behavior.

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

```python
import os
import requests

# The whole file is uploaded to Upstage's external endpoint;
# the document contents leave the local environment here.
response = requests.post(
    "https://api.upstage.ai/v1/document-digitization",
    headers={"Authorization": f"Bearer {os.environ['UPSTAGE_API_KEY']}"},
    files={"document": open("scan.pdf", "rb")},
)
```

Confidence: 90%
Finding: matched `requests.post( "https://`

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

```python
import os
import requests


def ocr_document(file_path):
    # Streams the local file to Upstage's external OCR endpoint.
    with open(file_path, "rb") as f:
        response = requests.post(
            "https://api.upstage.ai/v1/document-digitization",
            headers={"Authorization": f"Bearer {os.environ['UPSTAGE_API_KEY']}"},
            files={"document": f},
        )
    return response
```

Confidence: 90%
Finding: matched `requests.post( "https://`

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

```python
import os
import requests

# Uploads the document and selects the "ocr" model on the remote service.
response = requests.post(
    "https://api.upstage.ai/v1/document-digitization",
    headers={"Authorization": f"Bearer {os.environ['UPSTAGE_API_KEY']}"},
    files={"document": open("scan.pdf", "rb")},
    data={"model": "ocr"},
)
```

Confidence: 87%
Finding: matched `https://api.upstage.ai/`

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

### Sync — Basic OCR

```bash
curl -X POST "https://api.upstage.ai/v1/document-digitization" \
  -H "Authorization: Bearer $UPSTAGE_API_KEY" \
  -F "document=@/path/to/image.jpg" \
  -F "model=ocr"
```

Confidence: 87%
Finding: matched `https://api.upstage.ai/`

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

```python
import os
import requests


def ocr_document(file_path):
    # Streams the local file to Upstage's external OCR endpoint.
    with open(file_path, "rb") as f:
        response = requests.post(
            "https://api.upstage.ai/v1/document-digitization",
            headers={"Authorization": f"Bearer {os.environ['UPSTAGE_API_KEY']}"},
            files={"document": f},
            data={"model": "ocr"},
        )
    return response
```

Confidence: 87%
Finding: matched `https://api.upstage.ai/`

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

```bash
# 1. Submit
curl -X POST "https://api.upstage.ai/v1/document-digitization/async" \
  -H "Authorization: Bearer $UPSTAGE_API_KEY" \
  -F "document=@large.pdf" \
  -F "model=ocr"
```

Confidence: 87%
Finding: matched `https://api.upstage.ai/`

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

```python
import os
import requests

api_key = os.environ["UPSTAGE_API_KEY"]
base = "https://api.upstage.ai/v1/document-digitization"

# The excerpt was cut off after requests.post(; the call is closed here
# with the same arguments the other excerpts on this page use.
with open("large.pdf", "rb") as f:
    r = requests.post(
        base,
        headers={"Authorization": f"Bearer {api_key}"},
        files={"document": f},
        data={"model": "ocr"},
    )
```

Confidence: 85%
Finding: matched `https://api.upstage.ai/`

VirusTotal

64/64 vendors flagged this skill as clean.
