Image Ocr
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a straightforward OCR helper that uses a SiliconFlow API key and sends selected images/prompts to SiliconFlow, with no clear malicious behavior in the artifacts.
This skill looks safe to install if you intend to use SiliconFlow OCR. Before using it, confirm you trust the configured API endpoint, protect the SiliconFlow API key, and avoid submitting highly sensitive images unless you are comfortable with them being processed by the provider.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an untrusted or mistaken base URL is used, the API key and OCR request could be sent to the wrong server.
The helper normally targets SiliconFlow, but it allows the API endpoint to be overridden while still sending the bearer token to that endpoint.
ap.add_argument("--base-url", default="https://api.siliconflow.cn/v1") ... url = args.base_url.rstrip("/") + "/chat/completions" ... "Authorization": f"Bearer {key}"Use the default SiliconFlow endpoint unless you intentionally trust a proxy or alternate endpoint, and do not let untrusted text decide the base URL.
Installing and using the skill gives it access to the configured SiliconFlow account for OCR calls.
The skill uses a SiliconFlow API key from the environment or a local secrets file to authenticate requests.
key = os.getenv("SILICONFLOW_API_KEY", "").strip() ... key_file = os.path.expanduser("~/.openclaw/secrets/siliconflow_api_key") ... "Authorization": f"Bearer {key}"Store the API key securely, use a least-privileged key if available, and revoke or rotate it if you no longer use the skill.
Screenshots, receipts, forms, or other selected images may leave the local device and be processed by the external OCR provider.
When a local image path is provided, the script encodes the image and sends it in the API request to the configured OCR provider.
content.append({"type": "image_url", "image_url": {"url": to_data_uri(args.image_path)}}) ... with urllib.request.urlopen(req, timeout=90) as resp:Only submit images you are comfortable sending to SiliconFlow or a trusted configured endpoint, especially if they contain IDs, financial data, or private documents.