paddleocr-doc-parsing

This skill is functionally coherent for delegating document parsing to a PaddleOCR provider, but it contains several risky behaviors: it explicitly directs the agent to solicit and parse API credentials from user messages and to auto-run a configuration script with those credentials, creating a credential-harvesting and autonomy risk. It also routes full document content (and the supplied credentials) to an external API endpoint, which is expected for this integration but raises exfiltration concerns if the endpoint is untrusted or compromised. The skill should require explicit user consent per credential before configuration, limit parsing of secrets from free-form chat, document where credentials are stored, and verify/trust the endpoint domains. Given those issues, treat the skill as suspicious/high-risk for credential exposure and transitive trust until the scripts' behavior and storage practices are reviewed.