Local GLM OCR with llama.cpp on AIPC(no API Key)
ReviewAudited by ClawScan on May 14, 2026.
Overview
This appears to be a coherent local OCR skill, but it downloads and runs local AI binaries/packages, so users should trust those sources before using it.
This skill looks purpose-aligned for local Windows OCR. Before installing, be comfortable with downloading and running llama.cpp, installing Python packages/model files, and creating a local OCR work directory. Avoid setting provider tokens unless necessary, and manually review the setup commands if you do not want the agent to perform installation steps autonomously.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If granted autonomy, the agent can run local setup and inference commands, not just read an image.
The skill gives the agent broad local shell and file capabilities. This is consistent with installing and running a local OCR stack, but it means command execution should be limited to the documented workflow.
allowed-tools: Bash(powershell *), Bash(python *), Bash(llama-server *), Read, Write, message
Review the commands before allowing autonomous execution, especially on a non-Windows system or a machine with important local files.
A Hugging Face token is not needed for the advertised public model, but setting one could let the download library access your Hugging Face account permissions.
The default model is public, but the documentation mentions an optional provider token for private/gated models. No artifact shows token logging or storage.
If you use a private or gated HuggingFace model, you may need to set $env:HUGGINGFACE_TOKEN ... this skill does not request or store any tokens automatically.
Do not set a Hugging Face token unless you intentionally switch to a gated/private model, and use the least-privileged token possible.
Your machine will rely on a downloaded external binary; if that upstream release or download path were compromised, the local executable could be unsafe.
The installer downloads and extracts a prebuilt executable archive from GitHub. This is central to local llama.cpp inference and is disclosed in SKILL.md, but the artifact does not show checksum or signature verification.
url = f"https://github.com/ggml-org/llama.cpp/releases/download/{TAG}/llama-{TAG}-bin-win-vulkan-x64.zip"
urllib.request.urlretrieve(url, zip_path)
... zf.extractall(llama_dir)Only proceed if you trust the llama.cpp release source, and consider verifying the release checksum/signature manually when available.
Running OCR will start a local AI server process during the task.
The OCR flow starts a local llama-server executable to process the selected image. This is expected for the skill's purpose, binds to 127.0.0.1, and is terminated in the finally block.
SERVER_EXE = os.path.join(LLAMA_DIR, "llama-server.exe") ... server_proc = subprocess.Popen(server_args, ...)
Use the skill on a trusted machine, with model and binary files from trusted sources, and stop execution if the server behaves unexpectedly.