OCR - Image Text Recognition (Local)

Name: ocr-local-1-0-0
Author: nvoicejacob

View on ClawHub↗

Share on X Share on LinkedIn Share on Bluesky

40Medium

Vulnerable to command injection via user input

ThreatsCI SM CS BC S HITL

Behavior Analysis

Mismatch detected — The skill claims to be '100% local run', but explicitly states that the 'First run downloads language data (~20MB per language)', which requires an external network connection.

Claims to do

OCR - Image Text Recognition (Local): Extract text from images using Tesseract.js. **100% local run, no API key required.** Supports Chinese and English.

Actually does

The skill executes a Node.js script (`ocr.js`) to perform OCR on a specified local image file using Tesseract.js. It supports English and Chinese languages, allowing users to specify language codes and output format (plain text or JSON). On its first execution for a given language, it downloads approximately 20MB of language data from an external source.

Threat Analysis

AI Agent Traps ↗Scanned 4/18/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoning1 finding

Cognitive StateMemory & Learningclean

Behavioural ControlAction1 finding

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namenvoicejacob/ocr-local-1-0-0

Registryclawhub

Version1.0.0

PURLpkg:clawhub/nvoicejacob/ocr-local-1-0-0@1.0.0

Downloads59

Source

Repository ↗

SHA-2567851270a251c...

SHA-104b609d24ca7...

MD585e49a04b6a6...

TLSHd03110562ec3...

Size1,472 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

OpenClawDocs

https://clawhub.ai/nvoicejacob/ocr-local-1-0-0

59 downloads

ClawHubDocs

openclaw skills install nvoicejacob/ocr-local-1-0-0

Assessments (2)

AI Agent Traps ↗

Potential Command Injection via Script Argumentsmediumcommand execution

The skill executes a local Node.js script (`ocr.js`) with arguments that could be derived from user input. Without proper sanitization by the agent or the script, this creates a potential for command injection.

85% confidenceline 15

node {baseDir}/scripts/ocr.js /path/to/image.jpg

Description Mismatchinfodescription mismatch

The skill claims to be '100% local run', but explicitly states that the 'First run downloads language data (~20MB per language)', which requires an external network connection.

85% confidence

Claim: '100% local run, no API key required.' Note: 'First run downloads language data (~20MB per language)'

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/clawhub/nvoicejacob/ocr-local-1-0-0.svg)](https://mondoo.com/ai-agent-security/skills/clawhub/nvoicejacob/ocr-local-1-0-0)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/clawhub/nvoicejacob/ocr-local-1-0-0"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/nvoicejacob/ocr-local-1-0-0.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/clawhub/nvoicejacob/ocr-local-1-0-0.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow