Image Ocr
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears to be a simple OCR helper that uses Tesseract on user-chosen image files, with only a normal manual package-install note.
This looks safe for its stated purpose. Before installing, make sure Tesseract comes from a trusted package repository, and only run OCR on images whose text you are comfortable sharing with the agent session.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
63/63 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the dependency changes the local system package set, though this is normal for the skill's OCR purpose.
The skill depends on an external OCR binary installed through the system package manager. This is expected for a Tesseract-based OCR skill, but it is still a local software installation step.
sudo dnf install tesseract
Use a trusted distribution repository or package source for Tesseract, and avoid installing from unknown third-party locations.