Low risk: risk score 15/100
Last scan: 2 days ago
General Text Recognition OCR - 通用文字识别
General-purpose image text OCR, supporting Chinese, English and other languages, built on the JisuAPI (极速数据) General Text Recognition API
A straightforward OCR skill that reads local images and POSTs them to a third-party JisuAPI endpoint. No malicious behavior found; the only concern is an example credential placeholder in docs that poses no actual risk.
Skill name: General Text Recognition OCR - 通用文字识别
Analysis time: 41.3s
Engine: pi
Verdict: OK to install
The skill is safe to use. Consider explicitly documenting filesystem:READ in SKILL.md's metadata for completeness.

Security findings: 3

Severity | Finding | Location
Info | API key placeholder in documentation | SKILL.md:26
  SKILL.md:26 shows 'export JISU_API_KEY="your_appkey_here"' — a template placeholder example. This is a documentation string instructing users to replace it, not a real or leaked credential.
  Evidence: export JISU_API_KEY="your_appkey_here"
  → No action needed. Consider clarifying that it is a placeholder (e.g., '# Replace with your actual key') to avoid false positives in automated scanners.
Low | Missing filesystem:READ declaration in metadata | SKILL.md:3
  The skill's metadata.requires does not list filesystem access, even though the path parameter requires reading local files. This is a minor documentation gap rather than a security issue.
  Evidence: requires: { bins: ["python3"], env: ["JISU_API_KEY"] }
  → Add filesystem:READ to metadata.requires if the skill manifest supports it, or document it in the SKILL.md description.
Info | Script path mismatch in documentation | SKILL.md:32
  SKILL.md references 'skills/generalrecognition/generalrecognition.py', but the actual file is at the repository root as 'generalrecognition.py'. This is a path inconsistency.
  Evidence: "Script file: skills/generalrecognition/generalrecognition.py"
  → Update the path to match the actual script location, or ensure the agent resolves the correct path at execution time.
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | NONE | READ | ✓ Consistent | generalrecognition.py:50 — open(path, 'rb') reads local image files for base64 e…
Network access | WRITE | WRITE | ✓ Consistent | generalrecognition.py:83 — requests.post to https://api.jisuapi.com/generalrecog…
Command execution | NONE | NONE | | No subprocess, os.system, or shell invocation found
Environment variables | READ | READ | ✓ Consistent | generalrecognition.py:99 — os.getenv('JISU_API_KEY'), explicitly declared in met…
Secrets and external URLs: 1 high severity · 4 findings

Severity | Category | Type | Value | Location
🔑 High | API key | Suspected hard-coded credential | API_KEY="your_appkey_here" | SKILL.md:26
🔗 Medium | External URL | External URL | https://www.jisuapi.com/ | SKILL.md:9
🔗 Medium | External URL | External URL | https://www.jisuapi.com/api/generalrecognition/ | SKILL.md:21
🔗 Medium | External URL | External URL | https://api.jisuapi.com/generalrecognition/recognize | generalrecognition.py:17

Directory structure

2 files · 10.4 KB · 314 lines
Python: 1 file · 164 lines; Markdown: 1 file · 150 lines
├─ 🐍 generalrecognition.py Python 164L · 4.8 KB
└─ 📝 SKILL.md Markdown 150L · 5.6 KB

Dependency analysis: 1 item

Package | Version | Source | Known vulnerabilities | Notes
requests | * | pip | | No requirements.txt or package.json found; requests is imported but not pinned

Security highlights

✓ Path traversal protection: _normalize_local_path() blocks absolute paths and '..' sequences, preventing access outside the working directory
✓ No shell execution: script uses only standard library and requests, no subprocess or os.system
✓ No credential exfiltration: API key is read from env and sent only to the intended JisuAPI endpoint
✓ No hidden functionality: base64 encoding, file reading, and API call are all explicitly visible in code
✓ No suspicious patterns: no base64-piped-to-bash, no eval, no direct IP connections, no iteration over os.environ for secrets
✓ Clear error handling: all network, file, and JSON parsing errors are caught and reported cleanly