TencentCloud IDCard OCR

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it sends user-provided Chinese ID card images to Tencent Cloud OCR and returns extracted identity fields, which is sensitive but disclosed and purpose-aligned.

Install only if you intend to process ID-card images through Tencent Cloud. Use a dedicated least-privilege Tencent Cloud key, avoid public image URLs when possible, confirm you have consent and a legal basis to process the document, and keep OCR results out of logs or shared chats unless properly protected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Severity: Low
Confidence: 80%
Finding:
The script claims the client identifier should be fixed to 'Skills', but it accepts arbitrary caller-supplied values and forwards them to Tencent Cloud. This can enable misleading attribution, log pollution, or bypass of internal monitoring assumptions that rely on a stable user-agent value, though it does not by itself expose secrets or enable code execution.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding:
This skill is designed to send Chinese national ID card images and extracted identity fields to a third-party cloud OCR service, which involves highly sensitive personal data. The documentation does not clearly warn users that using the skill transmits PII off-system and may trigger privacy, consent, residency, and compliance obligations, making misuse or uninformed use materially risky.

Missing User Warnings

Severity: Low
Confidence: 90%
Finding:
The documentation states that request-source information is recorded in logs (`ReqBody.RequestClient`) for tracing, but it does not warn users about audit trail creation or potential retention and access implications. While the logged field is not the ID contents themselves, silent logging metadata around sensitive-ID processing can still create privacy and governance concerns in regulated environments.

Missing User Warnings

Severity: High
Confidence: 97%
Finding:
This skill sends highly sensitive identity document images and extracted PII to an external cloud OCR service, but the interface does not clearly warn the user about third-party transmission and processing. In the context of an ID-card OCR skill, this is especially dangerous because the data includes government ID numbers, address, birth date, and other regulated personal information that may require explicit notice, consent, and data-handling controls.

VirusTotal

66/66 vendors flagged this skill as clean.