Skillv1.0.2

ClawScan security

TencentCloud General OCR · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousMar 10, 2026, 2:38 AM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary: The skill appears to implement Tencent Cloud AdvertiseOCR correctly, but the registry metadata omits required Tencent Cloud credentials and there is no automated install spec — this mismatch is concerning and should be resolved before trusting the skill.
Guidance: This skill's code and documentation implement Tencent Cloud AdvertiseOCR and require your Tencent Cloud API keys (TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY), but the registry metadata does not declare those env vars — treat that as a red flag. Before installing or running: (1) verify the source and trustworthiness of the skill owner; (2) inspect the included scripts (you already have main.py) and confirm there are no unexpected network endpoints; (3) provide credentials only in a controlled environment (use short-lived keys or a restricted account if possible); (4) run the script in an isolated environment (container) and avoid passing files that contain other secrets; (5) consider adding an explicit install step that pins tencentcloud-sdk-python to a known-safe version, or manually install dependencies after review. If you plan to enable this skill for autonomous agent use, resolve the metadata inconsistency first so users understand what credentials will be required.

Review Dimensions

Purpose & Capability: noteThe code and SKILL.md implement a Tencent Cloud AdvertiseOCR client and legitimately require Tencent Cloud API keys; the requested capabilities (OCR via tencentcloud-sdk-python) align with the skill's stated purpose. However, the registry metadata claims no required environment variables/credentials while both the instructions and script require TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY — this metadata omission is inconsistent and reduces trust.
Instruction Scope: okThe runtime instructions and script stay within OCR scope: they accept an image URL or base64/file, read files only when explicitly provided, call the official OCR endpoint (ocr.tencentcloudapi.com), and format the response. The script reads environment variables for credentials and does not access unrelated system paths or exfiltrate data to unexpected endpoints.
Install Mechanism: noteThere is no install spec in the registry (instruction-only), but SKILL.md and the script require the third-party package tencentcloud-sdk-python and instruct the user to pip install it. Lack of an explicit install entry means dependencies won't be auto-installed and package versions are unpinned — this is reasonable for an instruction-only skill but raises supply-chain and reproducibility concerns.
Credentials: concernThe only sensitive items the skill needs are Tencent Cloud API keys (TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY), which are proportionate to calling the Tencent OCR API. The concern is the inconsistency: the registry metadata lists no required env vars while the SKILL.md and script require secrets; that mismatch could lead to accidental credential exposure or user confusion about what will be requested.
Persistence & Privilege: okThe skill does not request permanent presence, does not set always:true, and does not modify other skills or system-wide configurations. It runs as a standalone script and prints results to stdout.