Back to skill
Skillv1.0.1
ClawScan security
Vision Recognition Ocr · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
ReviewMar 18, 2026, 10:33 AM
- Verdict
- Review
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill implements Baidu image-classify and OCR calls and requires Baidu credentials and sending images to Baidu, but the published metadata claims no required environment variables — this mismatch and the data-flow to external APIs warrant caution.
- Guidance
- This package will send whatever image you provide to Baidu's cloud OCR/classify endpoints and requires Baidu credentials. Before installing: (1) be aware the registry metadata omitted the required env vars — supply BAIDU_BCE_BEARER_TOKEN or API Key+Secret as documented in SKILL.md; (2) do not send sensitive images (personal documents, IDs, private photos) unless you trust Baidu and your account; (3) consider creating a limited/monitored Baidu account and API keys for this skill and rotate keys if needed; (4) if you want to be extra cautious, review the included scripts locally (they are short and readable) and run them in an isolated environment; (5) if the missing metadata concerns you, contact the skill publisher or avoid installing until the metadata matches the implementation.
Review Dimensions
- Purpose & Capability
- noteName/description (vision recognition + OCR) match the code and SKILL.md: the scripts call Baidu image-classify and OCR endpoints and accept local path/URL/base64 images. However the registry metadata lists no required environment variables or credentials while the implementation clearly expects Baidu API credentials — an incoherence between metadata and actual capability.
- Instruction Scope
- okSKILL.md instructions and the Python scripts are scoped to classification and OCR tasks. They accept image_path/url/base64 and build requests to Baidu APIs; they do not attempt to read unrelated system files or call unexpected external endpoints beyond Baidu.
- Install Mechanism
- okNo external install or remote downloads are used; the package contains local Python scripts. No extract-from-URL or third-party install steps are present. Scripts use the requests library (runtime dependency), which is normal.
- Credentials
- concernThe code and SKILL.md require Baidu credentials (BAIDU_BCE_BEARER_TOKEN / BAIDU_API_KEY / BAIDU_VISION_API_KEY + secrets). Those credentials are proportionate to the declared purpose (accessing Baidu APIs), but the skill registry metadata incorrectly lists no required env vars or primary credential — this mismatch is a practical risk (you might install without realizing you must supply secrets). Also BAIDU_API_KEY is used in multiple fallback roles which could be confusing and lead to accidental credential exposure.
- Persistence & Privilege
- okSkill is not always-enabled; it does not request elevated system privileges and does not modify other skills or global agent settings. Autonomous invocation is allowed (platform default) but is not by itself a new risk here.