Trusted: risk score 5/100
Last scan: 1 day ago
invoice-scan
AI-powered invoice OCR, scanning, and data extraction
The invoice-scan skill is a well-documented invoice OCR and data extraction tool with transparent behavior, clear privacy disclosures, and legitimate use of filesystem, network, and shell resources aligned with its declared purpose.
Skill name: invoice-scan
Analysis time: 55.7s
Engine: pi
Verdict: safe to install
This skill is safe to use. Ensure users understand the privacy implications of CLI mode sending invoice data to Anthropic's API. Agent-native mode is recommended for privacy-sensitive environments.

Security findings (1)

| Severity | Finding | Location |
|---|---|---|
| Low | Dependencies use caret ranges rather than pinned versions (supply chain) | scripts/package.json:35 |

package.json specifies sharp ^0.33.0 and xlsx ^0.18.5 with caret ranges instead of exact pinned versions. While these are stable, widely-used packages with no known compromises, strict pinning would be more secure.

    "sharp": "^0.33.0"

→ Consider pinning to exact versions (e.g., sharp@<exact version>) for reproducible builds, especially in production environments.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | WRITE | WRITE | ✓ Consistent | SKILL.md declares output file writes to {WORKSPACE}/invoice-scan/output/; code c… |
| Network access | READ | READ | ✓ Consistent | SKILL.md declares external endpoint api.anthropic.com; scanner.js:195 confirms f… |
| Command execution | WRITE | WRITE | ✓ Consistent | SKILL.md declares npm install --production; package.json specifies sharp and xls… |
| Environment variables | READ | READ | ✓ Consistent | SKILL.md declares ANTHROPIC_API_KEY env var requirement; cli.js:47 reads from pr… |
| Skill invocation | NONE | NONE | | No inter-skill invocation observed |
| Clipboard | NONE | NONE | | No clipboard access found in codebase |
| Browser | NONE | NONE | | No browser automation present |
| Database | NONE | NONE | | No database access found in codebase |

Directory structure

21 files · 140.4 KB · 3726 lines
JavaScript: 17 files · 3437 lines; Markdown: 3 files · 249 lines; JSON: 1 file · 40 lines
├─ 📁 references
│ ├─ 📝 canonical-schema.md Markdown 57L · 2.4 KB
│ └─ 📝 validation-rules.md Markdown 53L · 2.5 KB
├─ 📁 scripts
│ ├─ 📁 adapters
│ │ ├─ 📜 base.js JavaScript 180L · 5.8 KB
│ │ ├─ 📜 claude.js JavaScript 298L · 12.5 KB
│ │ └─ 📜 index.js JavaScript 41L · 918 B
│ ├─ 📁 extraction
│ │ └─ 📜 scanner.js JavaScript 302L · 9.9 KB
│ ├─ 📁 output
│ │ ├─ 📜 csv.js JavaScript 99L · 3.4 KB
│ │ ├─ 📜 excel.js JavaScript 182L · 5.9 KB
│ │ ├─ 📜 index.js JavaScript 37L · 1.1 KB
│ │ ├─ 📜 json.js JavaScript 9L · 186 B
│ │ └─ 📜 prepare.js JavaScript 290L · 10.1 KB
│ ├─ 📁 preprocessing
│ │ └─ 📜 preprocess.js JavaScript 127L · 3.4 KB
│ ├─ 📁 schema
│ │ └─ 📜 canonical.js JavaScript 159L · 5.4 KB
│ ├─ 📁 test
│ │ └─ 📜 run-tests.js JavaScript 766L · 36.7 KB
│ ├─ 📁 validation
│ │ ├─ 📜 arithmetic.js JavaScript 154L · 5.8 KB
│ │ ├─ 📜 completeness.js JavaScript 261L · 8.9 KB
│ │ └─ 📜 document-rules.js JavaScript 317L · 10.5 KB
│ ├─ 📜 cli.js JavaScript 169L · 5.6 KB
│ ├─ 📜 index.js JavaScript 46L · 1.2 KB
│ └─ 📋 package.json JSON 40L · 993 B
└─ 📝 SKILL.md Markdown 139L · 7.3 KB

Dependency analysis (2)

| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| sharp | ^0.33.0 | npm | | libvips-based image processing library |
| xlsx | ^0.18.5 | npm | | Excel file generation library (SheetJS) |

Security highlights

✓ Agent-native mode performs ALL processing locally without any network access or external API calls
✓ Comprehensive privacy notice explicitly warns users about data transmission in CLI mode
✓ Clear documentation distinguishing between agent-native and CLI modes with their respective capabilities
✓ No credential harvesting — ANTHROPIC_API_KEY is only used for its declared purpose (authenticating to Claude API)
✓ No suspicious patterns: no base64 execution, no direct IP calls, no os.environ iteration, no curl|bash patterns
✓ Filesystem access is scoped to specific input files and a dedicated output directory
✓ Dependencies (sharp, xlsx) are well-known, stable libraries for image processing and Excel file generation respectively
✓ No hidden functionality or shadow behavior — code matches documentation
✓ Comprehensive validation pipeline (arithmetic, document rules, schema, completeness) suggests a professional, legitimate project