Korean Document Reviewer
v1.1.1한국 비즈니스 서류(세금계산서, 계약서, 통장사본, 견적서, 거래명세서, 사업자등록증, 사업비 요청 공문, 지원금 신청서, 검수조서, 이체확인증, 결과보고서) 검토 및 검증. Use when reviewing Korean business documents for format compliance, required fields, value accuracy, and cross-document consistency. Triggers on: 서류 검토, 문서 확인, 세금계산서 검증, 계약서 리뷰, 견적서 확인, 통장사본 검증, 거래명세서 확인, 사업자등록증 확인, 검수조서 검토, 이체확인증 검증, 결과보고서 검토, document review, invoice check.
⭐ 0· 988·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Korean business document review) matches the instructions and reference checklists. Required capabilities (OCR, PDF→image conversion, per-document checklists, JSON output) are exactly what the skill documents ask for. There are no unrelated credentials, binaries, or external services required.
Instruction Scope
Runtime instructions focus on converting PDFs to images, running OCR, extracting fields, and cross-validating across documents — all within the stated purpose. It explicitly recommends spawning Sonnet sub-agents (sessions_spawn) and instructing them to read image paths and return JSON. This is expected for distributed processing, but it means sensitive PII (사업자등록번호, 계좌번호, 예금주 등) will be handled and transmitted between agent sessions; users should confirm that agent-to-agent communications and workspace storage meet their privacy/security requirements.
Install Mechanism
No install spec and no code files — instruction-only. The only external command referenced is pdftoppm (standard PDF→image utility), which is proportional to PDF processing. No downloads, third-party installs, or unusual package pulls are present.
Credentials
The skill declares no required environment variables, credentials, or config paths. The fields and data it extracts are sensitive by nature (IDs, account numbers), but these are appropriate for the review task and are not requested as environment secrets.
Persistence & Privilege
always:false and no requests to modify other skills or system configs. The skill instructs spawning of sub-agents (autonomous child sessions) and saving JSON results to a workspace path (reviews/REV-...). Spawning sub-agents is consistent with the distributed workflow but expands the operational surface (more sessions will process sensitive data).
Assessment
This skill appears coherent and aligned with its stated purpose, but before installing consider the following: (1) It processes and extracts sensitive PII (business registration numbers, bank account numbers, representative names). Ensure your platform's workspace, logs, and inter-agent messaging are secure and that you are comfortable with these data being stored in reviews/REV-... JSON files. (2) The workflow uses sessions_spawn to run Sonnet sub-agents and a specific model name; verify that your environment supports that model and that you trust agent-to-agent communications and any third-party LLM endpoints. (3) The skill suggests sending chat summaries to channels like Discord — confirm you will not accidentally forward sensitive data to external chat integrations. (4) No credentials are requested by the skill itself, which is good; nevertheless, treat all extracted outputs as sensitive data and enforce appropriate access controls and retention policies. If you need higher assurance, request the publisher/source, or run the skill in an isolated environment with test/ redacted documents first.Like a lobster shell, security has layers — review code before you run it.
latestvk97bp7rytv69z1csvs19d5jaa981327w
License
MIT-0
Free to use, modify, and redistribute. No attribution required.