Baidu Document AI

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a coherent Baidu Document AI client; its main risks are expected ones: it uses Baidu API credentials and sends user-selected documents to Baidu for processing.

Install this skill only if you are comfortable sending selected documents to Baidu's Document AI APIs. Use dedicated API keys if possible, protect any stored credentials, and avoid processing documents that your privacy or compliance rules do not allow you to upload to an external provider.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone using the skill must provide Baidu API keys, and API calls may consume quota or incur account-level effects on that Baidu service.

Why it was flagged

The skill explicitly requires Baidu API credentials, which is expected for calling Baidu's document-analysis APIs but gives the skill delegated access to that Baidu service account and quota.

Skill content

credentials:
    - BAIDU_DOC_AI_API_KEY
    - BAIDU_DOC_AI_SECRET_KEY

Recommendation

Use dedicated or least-privilege Baidu credentials where possible, avoid sharing keys, and store them only in protected environment variables or configuration files.

What this means

Documents submitted through the skill, including contracts or business files, may be transmitted to Baidu for processing.

Why it was flagged

The client reads a local file, base64-encodes it, and posts request data to the configured Baidu API endpoints; this is purpose-aligned but means selected documents leave the local environment.

Skill content

return base64.b64encode(f.read()).decode("utf-8") ... response = requests.post(url, data=data, timeout=30)

Recommendation

Only process documents you are allowed to upload to Baidu, review any optional callback or output settings, and avoid submitting highly confidential files unless your organization approves that data flow.

What this means

A future or environment-specific version of the dependency could behave differently from the version the author tested.

Why it was flagged

The package declares an unpinned Python dependency: the specifier sets only a minimum version, so any later release satisfies it. This is normal for a simple API client but can lead to different installed versions over time.

Skill content

dependencies:
  - requests>=2.28.0

Recommendation

Install dependencies from trusted package sources and consider pinning dependency versions in controlled environments.