Scan Report
5 /100
img-ocr
Image text recognition tool based on Tesseract OCR
A straightforward Tesseract OCR wrapper with clean, transparent implementation and no security concerns.
Safe to install
No action needed. The skill is safe to use.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | ocr.py:17 — Image.open(path) |
| Network | NONE | NONE | — | No network imports or calls found |
| Shell | NONE | NONE | — | No subprocess/os.system/exec calls found |
| Environment | NONE | NONE | — | No os.environ access found |
| Clipboard | NONE | NONE | — | Not accessed |
| Database | NONE | NONE | — | Not accessed |
| Skill Invoke | NONE | NONE | — | Not used |
| Browser | NONE | NONE | — | Not used |
File Tree
2 files · 1.3 KB · 56 lines Markdown 1f · 32L
Python 1f · 24L
├─
ocr.py
Python
└─
SKILL.md
Markdown
Dependencies 3 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
pytesseract | unpinned | pip | No | Version not pinned in SKILL.md; install with explicit version for reproducibility |
Pillow | unpinned | pip | No | Version not pinned in SKILL.md; install with explicit version for reproducibility |
tesseract-ocr | unpinned | apt | No | System package; version not specified |
Security Positives
✓ No shell execution, subprocess, or os.system calls
✓ No network requests or external IP communication
✓ No credential harvesting or environment variable access
✓ No obfuscation (no base64, eval, or exec)
✓ Doc-to-code match: SKILL.md accurately describes the OCR functionality
✓ All dependencies (pytesseract, Pillow) are standard and declared
✓ Only accesses the user-supplied image path — no sensitive file traversal
✓ Minimal, readable code with proper error handling
✓ No persistence mechanisms or startup hooks