paddleocr-text-recognition
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes standard Python libraries
httpxandpython-dotenvfor its operations. - [DATA_EXFILTRATION]: The skill facilitates the transmission of document data and authentication tokens to the configured PaddleOCR API service.
- [PROMPT_INJECTION]: The skill processes text extracted from external documents, which presents an indirect prompt injection surface.
- Ingestion points: External files and URLs provided to
scripts/ocr_caller.py. - Boundary markers: The skill uses a structured template for output but does not explicitly instruct the agent to disregard commands within the extracted text.
- Capability inventory: The agent can execute local scripts, access the filesystem, and perform network operations.
- Sanitization: Extracted text is provided to the agent without additional validation or sanitization.
Audit Metadata