Skill v1.0.28
ClawScan security
WiseOCR · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 1, 2026, 1:06 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally coherent for a cloud OCR tool: it uploads a single file to WiseDiag for processing and requires an API key — nothing in the code or instructions indicates hidden or unrelated behavior, though there is a small metadata mismatch about declared environment variables.
- Guidance: This skill appears to be what it says: a client that uploads a single PDF/image to WiseDiag and saves the returned Markdown locally. Before installing, consider the following:
  1. The SKILL.md/README and script require WISEDIAG_API_KEY — set this only if you trust the WiseDiag service; the top-level registry metadata incorrectly omitted this requirement, so expect to provide the env var.
  2. Do NOT upload sensitive/confidential documents — the skill uploads files to https://openapi.wisediag.com for processing.
  3. Inspect the small script yourself (it's included) if you want to verify there are no extra network endpoints or telemetry; it uses only requests.post to the declared endpoint.
  4. If you need offline processing for privacy, use a local OCR tool instead.
  5. If you plan automated use, consider limiting the API key permissions on the WiseDiag console (if supported) and rotate keys regularly.
Review Dimensions
- Purpose & Capability (ok): Name, description, README, SKILL.md and the script all consistently implement a single-file PDF/image OCR that uploads to WiseDiag and returns Markdown. The code performs file validation, page counting, upload, and writing output to ~/.openclaw/workspace/WiseOCR — all proportional to an OCR client.
- Instruction Scope (ok): SKILL.md instructs the user to set WISEDIAG_API_KEY and to run the provided script; the script only reads the provided input file, uses pypdf to count pages (for PDFs), uploads the file to the declared API endpoint, and writes back a markdown file. There are no instructions to read unrelated system files or exfiltrate other secrets. The README and SKILL.md explicitly warn about privacy and uploading sensitive documents.
- Install Mechanism (ok): This is instruction-only with a small Python script and requirements.txt; there is no install spec that downloads arbitrary archives or runs code from unknown URLs. The only external dependencies are requests and pypdf, installed via pip — expected for a Python CLI.
- Credentials (note): The script and docs require a single environment variable WISEDIAG_API_KEY (reasonable for a cloud OCR service). However, the registry metadata at the top of the provided summary lists 'Required env vars: none' and 'Primary credential: none', which contradicts SKILL.md/README and the script (which exits if WISEDIAG_API_KEY is unset). This appears to be a packaging/metadata inconsistency and should be corrected but does not change the proportionality of the credential.
- Persistence & Privilege (ok): The skill is not marked always:true and does not modify other skills or system-wide agent settings. It writes output to a workspace directory under the user's home (~/.openclaw/workspace/WiseOCR) which is normal for a CLI tool. Autonomous invocation is allowed by default (expected) but that is not combined with broad unexpected privileges.
